You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ofbiz.apache.org by "Hans Bakker (JIRA)" <ji...@apache.org> on 2015/06/10 21:59:00 UTC

[jira] [Commented] (OFBIZ-6494) New implementation of the two-way cryptographic services of OFBiz based on Apache Shiro

    [ https://issues.apache.org/jira/browse/OFBIZ-6494?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14581002#comment-14581002 ] 

Hans Bakker commented on OFBIZ-6494:
------------------------------------

thank you Jacopo, also for the junit tests....great improvement...

> New implementation of the two-way cryptographic services of OFBiz based on Apache Shiro
> ---------------------------------------------------------------------------------------
>
>                 Key: OFBIZ-6494
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-6494
>             Project: OFBiz
>          Issue Type: New Feature
>          Components: framework
>            Reporter: Jacopo Cappellato
>            Assignee: Jacopo Cappellato
>             Fix For: Upcoming Branch
>
>
> New implementation of the two-way cryptographic services of OFBiz based on Apache Shiro:
> * two-way encryption is now delegated to Apache Shiro, with stronger initialization vectors
> * the mechanism is backward compatible
> * new tools to update the encryption of private keys, useful to upgrade older versions of OFBiz and most of all to replace old keys with new ones (this is critical to implement stronger security practices as requested by PCI) 
> * unit tests



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)