Agreed. I also think that for those users who need encryption of their stored data, they may already be using a bespoke backend that provides that feature. It almost seems like an odd concept, as if your wiki is public-facing there's no obvious need to encrypt what is already public data, and if your wiki is in a secure environment you probably don't need additional server-side security. I'm struggling with the use case a bit.
Over the years I've written various backends for JSPWiki, and while I haven't had need for encryption, it wouldn't have helped me at all to have it as a feature in JSPWiki itself, I would have implemented it as part of the backend code, or it would have been in the already-existing backend I was connecting to. On 13/12/25 14:53, Alex O'Ree (Jira) wrote:
[ https://issues.apache.org/jira/browse/JSPWIKI-205?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18044814#comment-18044814 ] Alex O'Ree commented on JSPWIKI-205: ------------------------------------ i think the easy solution to this is to provide an easy to override method that would enable encryption or decryption or whatever when something is read or written from disk or database. That way you can provide your own encryption mechanism, keyloading etc. If we try to bake it in, someone will always not like it. So the work for something that wants to encryption is to extend the File or Database provider, override a method or two, compile, add to classpath, update the jspwiki-custom.properties and fire it up.Obfuscate on disk content type ------------------------------ Key: JSPWIKI-205 URL: https://issues.apache.org/jira/browse/JSPWIKI-205 Project: JSPWiki Issue Type: Improvement Components: Core & storage Reporter: Chris Lialios Priority: Trivial Attachments: BasicOverview.doc, BasicOverview.docx, EncryptingProviderSource.zip, encryption.patch, encryption.patch, encryption.patch, encryption.patch We would like to store passwords within the wiki pages. Securing the page is trivial, however the contents on disk remain clear text. It would be very nice to have a page type that could be stored in an obfuscated form on disk. As an addition have a secondary password to display/edit the encrypted contents on disk for those who do not want to use wiki security on the page. I suspect this will have potentially drastic effects on the revisions process, but it would be a small price to pay for security.-- This message was sent by Atlassian Jira (v8.20.10#820010)
........................................................................... Murray Altheim <murray18 at altheim dot com> = = === http://www.altheim.com/murray/ === === = = === In the evening The rice leaves in the garden Rustle in the autumn wind That blows through my reed hut. -- Minamoto no Tsunenobu
