|
| 1.2 | modified | starksm | cluster/src/main/org/jboss/ha/jndi/DetachedHANamingService.java | Refactor the HANamingService into a transport independent DetachedNamingService thatcan be used with the detached invoker framework and leave the HANamingService as thehard-coded HA-RMI/JRMP version. |
| 1.2 | modified | starksm | cluster/src/main/org/jboss/ha/jndi/DetachedHANamingServiceMBean.java | Refactor the HANamingService into a transport independent DetachedNamingService thatcan be used with the detached invoker framework and leave the HANamingService as thehard-coded HA-RMI/JRMP version. |
| 1.38 | modified | starksm | cluster/src/main/org/jboss/ha/jndi/HANamingService.java | Refactor the HANamingService into a transport independent DetachedNamingService thatcan be used with the detached invoker framework and leave the HANamingService as thehard-coded HA-RMI/JRMP version. |
| 1.16 | modified | starksm | cluster/src/main/org/jboss/ha/jndi/HANamingServiceMBean.java | Refactor the HANamingService into a transport independent DetachedNamingService thatcan be used with the detached invoker framework and leave the HANamingService as thehard-coded HA-RMI/JRMP version. |
| 1.2 | deleted | starksm | security/src/main/org/jboss/security/util/PropertyAccess.java | Remove the PropertyAccess as public methods for privileged actions aresecurity leaks |
| 1.4 | modified | starksm | security/src/main/org/jboss/security/jacc/SecurityService.java | Remove the PropertyAccess as public methods for privileged actions aresecurity leaks |
| 1.6 | modified | starksm | connector/src/main/org/jboss/resource/adapter/jms/JmsCred.java | Update the use of priviledged code blocks to isolate the actions that should be permissioned based on the jboss permissions vs user code |
| 1.2 | modified | starksm | connector/src/main/org/jboss/resource/security/SubjectActions.java | Common package privileged actions. |
| 1.2 | modified | starksm | connector/src/main/org/jboss/resource/security/SecureIdentityLoginModule.java | Another example of how one could encrypt the database password for a jcaconnection factory. |
| 1.2 | modified | starksm | connector/src/main/org/jboss/resource/security/JaasSecurityDomainIdentityLoginModule.java | A login module for statically defining a data source username and password that uses a password that has been ecrypted by a JaasSecurityDomain. The base64 format of the data source password may be generated using the PBEUtils command: java -cp jbosssx.jar org.jboss.security.plugins.PBEUtils salt count domain-password data-source-password salt : the Salt attribute from the JaasSecurityDomain count : the IterationCount attribute from the JaasSecurityDomain domain-password : the plaintext password that maps to the KeyStorePass attribute from the JaasSecurityDomain data-source-password : the plaintext password for the data source that should be encrypted with the JaasSecurityDomain password |
| 1.9 | modified | starksm | connector/src/main/org/jboss/resource/security/AbstractPasswordCredentialLoginModule.java | Expose the MBeanServer ivar and use a privileged block to remove the subjectcredentials |
| 1.47 | modified | starksm | connector/src/main/org/jboss/resource/connectionmanager/BaseConnectionManager2.java | Update the use of priviledged code blocks to isolate the actions that should be permissioned based on the jboss permissions vs user code |
| 1.2 | modified | starksm | connector/src/etc/example-config/hsqldb-encrypted-ds.xml | The Hypersonic embedded database JCA connection factory config that illustrates the use of the JaasSecurityDomainIdentityLoginModule to use encrypted password in the data source configuration |
| 1.6 | modified | starksm | testsuite/src/main/org/jboss/test/util/test/PropertyEditorsUnitTestCase.java | Add an empty string test |
| 1.2 | modified | starksm | testsuite/src/main/org/jboss/test/security/test/JaasSecurityDomainUnitTestCase.java | Add tests of the JaasSecurityDomain encode/decode ops and new formats of theKeyStorePass attribute value. |
| 1.6 | modified | starksm | testsuite/src/resources/security-spec/service-inf/jboss-service.xml | Add Salt and IterationCount attributes |
| 1.2 | modified | starksm | testsuite/src/resources/security/jaassecdomain-tests-service.xml | Config for JaasSecurityDomain tests |
| 1.49 | modified | starksm | security/build.xml | Update the jbosssx-client.jar to include the PBEUtils and related classes |
| 1.12 | modified | starksm | security/src/main/org/jboss/security/auth/spi/DatabaseServerLoginModule.java | Allows subclasses to access ivars |
| 1.8 | modified | starksm | security/src/main/org/jboss/security/Util.java | Factor out the base64 utils |
| 1.4 | modified | starksm | security/src/main/org/jboss/security/AltClientLoginModule.java | Update the use of priviledged code blocks to isolate the actions that should be permissioned based on the jboss permissions vs user cod |
| 1.7 | modified | starksm | security/src/main/org/jboss/security/ClientLoginModule.java | Update the use of priviledged code blocks to isolate the actions that should be permissioned based on the jboss permissions vs user cod |
| 1.2 | modified | starksm | security/src/main/org/jboss/security/SecurityAssociationActions.java | Update the use of priviledged code blocks to isolate the actions that should be permissioned based on the jboss permissions vs user cod |
| 1.6 | modified | starksm | security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java | Generalize the KeyStorePass attribute to support non-plaintext values. The value is now one of: - The plaintext password for the KeyStore(or whatever format is used by the KeyStore). The toCharArray() value of the string is used without any manipulation. - A command to execute to obtain the plaintext password. The format is '{EXT}...' where the '...' is the exact command line that will be passed to the Runtime.exec(String) method to execute a platform command. The first line of the command output is used as the password. - A class to create to obtain the plaintext password. The format is '{CLASS}classname[:ctorarg]' where the '[:ctorarg]' is an optional string delimited by the ':' from the classname that will be passed to the classname ctor. The password is obtained from classname by invoking a 'char[] toCharArray()' method if found, otherwise, the 'String toString()' method is used. - The KeyStorePass is also used in combination with the Salt and IterationCount attributes to create a PBE secret key used with the encode/decode operations. |
| 1.17 | modified | starksm | security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java | Generalize the KeyStorePass attribute to support non-plaintext values. The value is now one of: - The plaintext password for the KeyStore(or whatever format is used by the KeyStore). The toCharArray() value of the string is used without any manipulation. - A command to execute to obtain the plaintext password. The format is '{EXT}...' where the '...' is the exact command line that will be passed to the Runtime.exec(String) method to execute a platform command. The first line of the command output is used as the password. - A class to create to obtain the plaintext password. The format is '{CLASS}classname[:ctorarg]' where the '[:ctorarg]' is an optional string delimited by the ':' from the classname that will be passed to the classname ctor. The password is obtained from classname by invoking a 'char[] toCharArray()' method if found, otherwise, the 'String toString()' method is used. - The KeyStorePass is also used in combination with the Salt and IterationCount attributes to create a PBE secret key used with the encode/decode operations. |
| 1.38 | modified | starksm | security/src/main/org/jboss/security/plugins/JaasSecurityManager.java | Factor out the common privileged actions |
| 1.25 | modified | starksm | security/src/main/org/jboss/security/plugins/JaasSecurityManagerService.java | Factor out the common privileged actions |
| 1.2 | modified | starksm | security/src/main/org/jboss/security/plugins/PBEUtils.java | Ecrypt a password using the JaasSecurityDomain password Usage: PBEUtils salt count domain-password password salt : the Salt attribute from the JaasSecurityDomain count : the IterationCount attribute from the JaasSecurityDomain domain-password : the plaintext password that maps to the KeyStorePass attribute from the JaasSecurityDomain password : the plaintext password that should be encrypted with the JaasSecurityDomain password |
| 1.2 | modified | starksm | security/src/main/org/jboss/security/Base64Utils.java | Base64 encoding/decoding utilities |
| 1.2 | modified | starksm | security/src/main/org/jboss/security/plugins/FilePassword.java | Read a password in opaque form to a file for use with the FilePassword accessor in conjunction with the JaasSecurityDomain {CLASS}org.jboss.security.plugins.FilePassword:password-file format of the KeyStorePass attribute. The original opaque password file can be created by running: java org.jboss.security.plugins.FilePassword salt count password password-file Running java org.jboss.security.plugins.FilePassword will generate a usage message. |
| 1.2 | modified | starksm | security/src/main/org/jboss/security/plugins/TmpFilePassword.java | Read a password from a file specified via the ctor and then overwrite the file contents with garbage, and then remove it. This may be used as a password accessor in conjunction with the JaasSecurityDomain {CLASS}org.jboss.security.plugins.TmpFilePassword:password-file format of the KeyStorePass attribute. |
| 1.2 | modified | starksm | security/src/main/org/jboss/security/plugins/SubjectActions.java | Common PrivilegedAction used by classes in the org.jboss.security.plugins package |
| 1.2 | modified | starksm | security/src/main/org/jboss/security/plugins/ConsolePassword.java | Read a password from the System.in stream. This may be used as a password accessor in conjunction with the JaasSecurityDomain {CLASS}org.jboss.security.plugins.ConsolePassword format of the KeyStorePass attribute. |
