Thanks for the answer Andrea. I will try to update this page https://docs.geoserver.org/latest/en/user/security/passwd.html#parametrized-passwords to make it clear it is only for user password.
Alexandre Le ven. 7 avr. 2023 à 09:47, Andrea Aime <andrea.a...@geosolutionsgroup.com> a écrit : > On Fri, Apr 7, 2023 at 9:30 AM Alexandre Gacon <alexandre.ga...@gmail.com> > wrote: > >> If I put a clear password in the properties file, GeoServer manages to >> use it to connect to the database but if I put the crypted version it is no >> longer possible to connect to the database. >> >> Should I consider that for database I can only put plain password in the >> property file? >> > > Yes, parametric configuration has no idea of what encryption is, to begin > with. Adding support for it won't be trivial, parameter expansion acts in > the > wrong part of the stack: > > - passwords are decrypted while reading the XML files at startup > - parameter expansion applies when configuration is already loaded, > way too late). > - parameter expansion has no idea of what the parameters mean, it's > using reflection to replace string properties in configuration objects, > with no understanding of their role > > Thinking out loud, it may be easier to support encrypting the whole > properties file, although we'd have to devise a way to > make it user editable in the process (e.g., something that GeoServer can > decrypt, but with tools to edit that are readily available for end users) > > Cheers > Andrea > > == > > GeoServer Professional Services from the experts! > > Visit http://bit.ly/gs-services-us for more information. > == > > Ing. Andrea Aime > @geowolf > Technical Lead > > GeoSolutions Group > phone: +39 0584 962313 > > fax: +39 0584 1660272 > > mob: +39 339 8844549 > > https://www.geosolutionsgroup.com/ > > http://twitter.com/geosolutions_it > > ------------------------------------------------------- > > Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE > 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si > precisa che ogni circostanza inerente alla presente email (il suo > contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è > riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il > messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra > operazione è illecita. Le sarei comunque grato se potesse darmene notizia. > > This email is intended only for the person or entity to which it is > addressed and may contain information that is privileged, confidential or > otherwise protected from disclosure. We remind that - as provided by > European Regulation 2016/679 “GDPR” - copying, dissemination or use of this > e-mail or the information herein by anyone other than the intended > recipient is prohibited. If you have received this email by mistake, please > notify us immediately by telephone or e-mail >
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
