It can be passed in as an env variable when starting the container On Wed, Mar 30, 2016 at 12:16 PM, Hasitha Aravinda <[email protected]> wrote:
> One limitation we had in C4 based secure vault is once enabled we have to > provide the keystore password at every server start. I think we have to > look how we can overcome this limitation in container world. > > Thanks, > Hasitha. > > On Wed, Mar 30, 2016 at 12:12 PM, Afkham Azeez <[email protected]> wrote: > >> In the container world, the sec vault files will get packed into the >> containers, and if there are changes to those files, you will need to >> create a new version of the container image. This is true for the rest of >> the configuration files as well. This goes with the concept of immutable >> servers. >> >> Azeez >> >> On Wed, Mar 30, 2016 at 11:54 AM, Sameera Jayasoma <[email protected]> >> wrote: >> >>> I believe we cannot apply the same thing we had in C4. We have to think >>> about how we can apply this for containers as well. Lets have a quick chat >>> on this. >>> >>> Thanks, >>> Sameera. >>> >>> On Wed, Mar 30, 2016 at 11:51 AM, Hasitha Aravinda <[email protected]> >>> wrote: >>> >>>> I think we have to target this for Hamming platform ? Because we have >>>> some configuration files like (*-datasource.xml) with passwords. >>>> >>>> Apart from securing passwords in configuration files, I think we will >>>> need secure vault support for runtime as well. In products like GW, ESB and >>>> BPS do secure services invocations, (i.e BasicAuth) and we will need a >>>> central place to store encrypted credentials. >>>> >>>> Thanks, >>>> Hasitha. >>>> >>>> On Wed, Mar 30, 2016 at 11:33 AM, Afkham Azeez <[email protected]> wrote: >>>> >>>>> Simply porting the existing sec vault to work with C5 should be >>>>> sufficient. >>>>> >>>>> On Wed, Mar 30, 2016 at 11:03 AM, Hasitha Aravinda <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi team, >>>>>> >>>>>> How are we going to use $Subject in C5. Can we use existing secure >>>>>> vault implementation for this. >>>>>> >>>>>> Thanks, >>>>>> Hasitha. >>>>>> >>>>>> -- >>>>>> -- >>>>>> Hasitha Aravinda, >>>>>> Senior Software Engineer, >>>>>> WSO2 Inc. >>>>>> Email: [email protected] >>>>>> Mobile : +94 718 210 200 >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> *Afkham Azeez* >>>>> Director of Architecture; WSO2, Inc.; http://wso2.com >>>>> Member; Apache Software Foundation; http://www.apache.org/ >>>>> * <http://www.apache.org/>* >>>>> *email: **[email protected]* <[email protected]> >>>>> * cell: +94 77 3320919 <%2B94%2077%203320919>blog: * >>>>> *http://blog.afkham.org* <http://blog.afkham.org> >>>>> *twitter: **http://twitter.com/afkham_azeez* >>>>> <http://twitter.com/afkham_azeez> >>>>> *linked-in: **http://lk.linkedin.com/in/afkhamazeez >>>>> <http://lk.linkedin.com/in/afkhamazeez>* >>>>> >>>>> *Lean . Enterprise . Middleware* >>>>> >>>> >>>> >>>> >>>> -- >>>> -- >>>> Hasitha Aravinda, >>>> Senior Software Engineer, >>>> WSO2 Inc. >>>> Email: [email protected] >>>> Mobile : +94 718 210 200 >>>> >>> >>> >>> >>> -- >>> Sameera Jayasoma, >>> Software Architect, >>> >>> WSO2, Inc. (http://wso2.com) >>> email: [email protected] >>> blog: http://blog.sameera.org >>> twitter: https://twitter.com/sameerajayasoma >>> flickr: http://www.flickr.com/photos/sameera-jayasoma/collections >>> Mobile: 0094776364456 >>> >>> Lean . Enterprise . Middleware >>> >>> >> >> >> -- >> *Afkham Azeez* >> Director of Architecture; WSO2, Inc.; http://wso2.com >> Member; Apache Software Foundation; http://www.apache.org/ >> * <http://www.apache.org/>* >> *email: **[email protected]* <[email protected]> >> * cell: +94 77 3320919 <%2B94%2077%203320919>blog: * >> *http://blog.afkham.org* <http://blog.afkham.org> >> *twitter: **http://twitter.com/afkham_azeez* >> <http://twitter.com/afkham_azeez> >> *linked-in: **http://lk.linkedin.com/in/afkhamazeez >> <http://lk.linkedin.com/in/afkhamazeez>* >> >> *Lean . Enterprise . Middleware* >> > > > > -- > -- > Hasitha Aravinda, > Senior Software Engineer, > WSO2 Inc. > Email: [email protected] > Mobile : +94 718 210 200 > -- *Afkham Azeez* Director of Architecture; WSO2, Inc.; http://wso2.com Member; Apache Software Foundation; http://www.apache.org/ * <http://www.apache.org/>* *email: **[email protected]* <[email protected]> * cell: +94 77 3320919blog: **http://blog.afkham.org* <http://blog.afkham.org> *twitter: **http://twitter.com/afkham_azeez* <http://twitter.com/afkham_azeez> *linked-in: **http://lk.linkedin.com/in/afkhamazeez <http://lk.linkedin.com/in/afkhamazeez>* *Lean . Enterprise . Middleware*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
