add support for Jetty's password obfuscation methods
----------------------------------------------------
Key: CXF-3895
URL: https://issues.apache.org/jira/browse/CXF-3895
Project: CXF
Issue Type: Improvement
Components: Configuration
Affects Versions: 2.4.2
Environment: Java 6
Windows XP SP3
CXF 2.4.2
Reporter: Michael Heß
Priority: Minor
For SSL connectors, the Jetty configuration allows definition of keystore and
truststore passwords in a obfuscated fashion. See
http://wiki.eclipse.org/Jetty/Howto/Secure_Passwords for details. Currently
this does not work when using the Spring based configuration for jetty, i.e.
using for example this
<sec:keyStore type="JKS" password="OBF:1sot1v961saj1v9i1v941sar1v9g1sox"
file="conf/keystore" />
will lead to an exception on startup, which is identical to those that come up
when an invalid keystore password is provided.
My guess is, that the "OBF:" prefix is not detected by the configuration hook,
and therefore the provided password string is used as-is. (But I am just
guessing here...)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
