[
https://issues.apache.org/jira/browse/OPENJPA-1089?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Dick updated OPENJPA-1089:
----------------------------------
Affects Version/s: (was: 2.0.0-M2)
Fix Version/s: (was: 2.0.0)
Assignee: Michael Dick (was: Donald Woods)
Remaining Estimate: 0h
Original Estimate: 0h
I ran into a problem with the testcase:
TestPersistenceProductDerivation:109
assertTrue(actual.containsAll(Arrays.asList(expectedPUs))); // fails
assertTrue(actual.containsAll(expectedPUs)); // passes
Otherwise the patch looks good, running the full regression bucket now.
> Provide for password encryption within persistence.xml
> ------------------------------------------------------
>
> Key: OPENJPA-1089
> URL: https://issues.apache.org/jira/browse/OPENJPA-1089
> Project: OpenJPA
> Issue Type: New Feature
> Components: jpa
> Affects Versions: 1.3.0
> Reporter: Kevin Sutter
> Assignee: Michael Dick
> Attachments: OPENJPA-1089-2.patch, OPENJPA-1089.PATCH
>
> Original Estimate: 0h
> Remaining Estimate: 0h
>
> A recent discussion on our users forum [1] has surfaced (again) the need to
> encrypt the password fields in the persistence.xml. In the particular
> scenario outlined in the posting, this user wanted to encrypt the password
> sent into Apache DBCP via the url string. In my mind, that's a separate
> problem related to DBCP.
> But, OpenJPA has openjpa.Connection*Password properties that could be
> encrypted. And, the new JPA 2 spec outlines a
> javax.persistence.jdbc.password property that would be nice to encrypt.
> I'm opening this Issue as a Feature request, but it could also be considered
> a bug since a non-jndi environment is crippled from a security standpoint.
> [1]
> http://n2.nabble.com/How-to-encrypt-DB-password-in-persistence.xml-td2868212.html
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
