You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@geronimo.apache.org by "Vamsavardhana Reddy (JIRA)" <ji...@apache.org> on 2006/12/07 20:21:25 UTC

[jira] Closed: (GERONIMO-1135) Keystore password in System.properties

     [ http://issues.apache.org/jira/browse/GERONIMO-1135?page=all ]

Vamsavardhana Reddy closed GERONIMO-1135.
-----------------------------------------

    Resolution: Fixed

Removing the keystore related system properties did not seem to break anything.  Removed "SystemProperties" GBean definition altogether from the plan since there are no properties to set.

Fixed in rev 483612.

> Keystore password in System.properties
> --------------------------------------
>
>                 Key: GERONIMO-1135
>                 URL: http://issues.apache.org/jira/browse/GERONIMO-1135
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: security
>    Affects Versions: 1.0-M5
>            Reporter: Aaron Mulder
>         Assigned To: Vamsavardhana Reddy
>            Priority: Critical
>             Fix For: 1.2, 2.0-M1
>
>
> If you look at the System properties, the keystore and trust store passwords are in there.  I'm not sure who puts them in there, but we need to find a way to stop that -- or else prevent applications from reading them?

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Re: [jira] Closed: (GERONIMO-1135) Keystore password in System.properties

Posted by Vamsavardhana Reddy <c1...@gmail.com>.

David,

I guess the better place for that would be in the documentation.  Do we want
to have redundant GBean definitions in configurations just to show how to
use them?  Or am I missing some point?

Vamsi

On 12/8/06, David Jencks <da...@yahoo.com> wrote:
>
> I kinda think we might want to keep the empty SystemProperties gbean
> to make it more obvious where to set them in config.xml. If we do
> this we should include an empty override in config.xml.  What do
> others think?
>
> thanks
> david jencks
>
> On Dec 7, 2006, at 11:21 AM, Vamsavardhana Reddy (JIRA) wrote:
>
> >      [ http://issues.apache.org/jira/browse/GERONIMO-1135?page=all ]
> >
> > Vamsavardhana Reddy closed GERONIMO-1135.
> > -----------------------------------------
> >
> >     Resolution: Fixed
> >
> > Removing the keystore related system properties did not seem to
> > break anything.  Removed "SystemProperties" GBean definition
> > altogether from the plan since there are no properties to set.
> >
> > Fixed in rev 483612.
> >
> >> Keystore password in System.properties
> >> --------------------------------------
> >>
> >>                 Key: GERONIMO-1135
> >>                 URL: http://issues.apache.org/jira/browse/
> >> GERONIMO-1135
> >>             Project: Geronimo
> >>          Issue Type: Bug
> >>      Security Level: public(Regular issues)
> >>          Components: security
> >>    Affects Versions: 1.0-M5
> >>            Reporter: Aaron Mulder
> >>         Assigned To: Vamsavardhana Reddy
> >>            Priority: Critical
> >>             Fix For: 1.2, 2.0-M1
> >>
> >>
> >> If you look at the System properties, the keystore and trust store
> >> passwords are in there.  I'm not sure who puts them in there, but
> >> we need to find a way to stop that -- or else prevent applications
> >> from reading them?
> >
> > --
> > This message is automatically generated by JIRA.
> > -
> > If you think it was sent incorrectly contact one of the
> > administrators: http://issues.apache.org/jira/secure/
> > Administrators.jspa
> > -
> > For more information on JIRA, see: http://www.atlassian.com/
> > software/jira
> >
> >
>
>

Re: [jira] Closed: (GERONIMO-1135) Keystore password in System.properties

Posted by David Jencks <da...@yahoo.com>.

I kinda think we might want to keep the empty SystemProperties gbean  
to make it more obvious where to set them in config.xml. If we do  
this we should include an empty override in config.xml.  What do  
others think?

thanks
david jencks

On Dec 7, 2006, at 11:21 AM, Vamsavardhana Reddy (JIRA) wrote:

>      [ http://issues.apache.org/jira/browse/GERONIMO-1135?page=all ]
>
> Vamsavardhana Reddy closed GERONIMO-1135.
> -----------------------------------------
>
>     Resolution: Fixed
>
> Removing the keystore related system properties did not seem to  
> break anything.  Removed "SystemProperties" GBean definition  
> altogether from the plan since there are no properties to set.
>
> Fixed in rev 483612.
>
>> Keystore password in System.properties
>> --------------------------------------
>>
>>                 Key: GERONIMO-1135
>>                 URL: http://issues.apache.org/jira/browse/ 
>> GERONIMO-1135
>>             Project: Geronimo
>>          Issue Type: Bug
>>      Security Level: public(Regular issues)
>>          Components: security
>>    Affects Versions: 1.0-M5
>>            Reporter: Aaron Mulder
>>         Assigned To: Vamsavardhana Reddy
>>            Priority: Critical
>>             Fix For: 1.2, 2.0-M1
>>
>>
>> If you look at the System properties, the keystore and trust store  
>> passwords are in there.  I'm not sure who puts them in there, but  
>> we need to find a way to stop that -- or else prevent applications  
>> from reading them?
>
> -- 
> This message is automatically generated by JIRA.
> -
> If you think it was sent incorrectly contact one of the  
> administrators: http://issues.apache.org/jira/secure/ 
> Administrators.jspa
> -
> For more information on JIRA, see: http://www.atlassian.com/ 
> software/jira
>
>