You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Donald Woods (JIRA)" <de...@geronimo.apache.org> on 2006/03/08 19:40:40 UTC
[jira] Created: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
----------------------------------------------------------------------------
Key: GERONIMO-1716
URL: http://issues.apache.org/jira/browse/GERONIMO-1716
Project: Geronimo
Type: Improvement
Components: security
Versions: 1.0, 1.1, 1.2
Environment: Any
Reporter: Donald Woods
Assigned to: Donald Woods
Priority: Minor
Fix For: 1.2
Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Sachin Patel (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1716?page=comments#action_12423085 ]
Sachin Patel commented on GERONIMO-1716:
----------------------------------------
Could you provide an updated patch as the current patch fails...
patching file applications/console-core/src/java/org/apache/geronimo/console/core/security/PropertiesLoginModuleManager.java
Hunk #1 FAILED at 25.
Hunk #2 succeeded at 64 with fuzz 2.
Hunk #3 succeeded at 85 with fuzz 2 (offset 10 lines).
Hunk #4 FAILED at 96.
Hunk #5 FAILED at 154.
Hunk #6 succeeded at 224 (offset 36 lines).
Hunk #7 FAILED at 259.
Hunk #8 FAILED at 295.
Hunk #9 FAILED at 352.
6 out of 9 hunks FAILED -- saving rejects to file applications/console-core/src/java/org/apache/geronimo/console/core/security/PropertiesLoginModuleManager.java.rej
(Stripping trailing CRs from patch.)
patching file applications/console-standard/src/java/org/apache/geronimo/console/util/SERealmUserHelper.java
(Stripping trailing CRs from patch.)
patching file modules/security/project.xml
Hunk #1 FAILED at 6.
Hunk #2 succeeded at 100 (offset 9 lines).
1 out of 2 hunks FAILED -- saving rejects to file modules/security/project.xml.rej
(Stripping trailing CRs from patch.)
patching file modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java
Hunk #1 succeeded at 22 with fuzz 2 (offset -22 lines).
Hunk #2 FAILED at 39.
Hunk #3 succeeded at 91 with fuzz 2 (offset -3 lines).
Hunk #4 succeeded at 141 (offset -3 lines).
1 out of 4 hunks FAILED -- saving rejects to file modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java.rej
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: http://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0, 1.1, 1.2
> Environment: Any
> Reporter: Donald Woods
> Priority: Minor
> Fix For: 1.1.1
>
> Attachments: Geronimo-1716.patch
>
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Matt Hogstrom (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1716?page=all ]
Matt Hogstrom updated GERONIMO-1716:
------------------------------------
Fix Version/s: 1.1.2
1.2
(was: 1.1.1)
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: http://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0, 1.1, 1.2
> Environment: Any
> Reporter: Donald Woods
> Assigned To: Donald Woods
> Priority: Minor
> Fix For: 1.1.2, 1.2
>
> Attachments: Geronimo-1716.patch
>
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Donald Woods (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-1716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Donald Woods updated GERONIMO-1716:
-----------------------------------
Affects Version/s: 2.0
1.1.1
Fix Version/s: (was: Wish List)
2.0-beta1
Assignee: (was: Donald Woods)
Unassigning so a committer can grab it.
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: https://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0, 1.1, 1.1.1, 1.2, 2.0
> Environment: Any
> Reporter: Donald Woods
> Priority: Minor
> Fix For: 2.0-beta1
>
> Attachments: G1716.patch
>
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Donald Woods (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-1716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Donald Woods updated GERONIMO-1716:
-----------------------------------
Attachment: (was: Geronimo-1716.patch)
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: https://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0, 1.1, 1.2
> Environment: Any
> Reporter: Donald Woods
> Assigned To: Donald Woods
> Priority: Minor
> Fix For: Wish List
>
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Matt Hogstrom (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1716?page=all ]
Matt Hogstrom updated GERONIMO-1716:
------------------------------------
Fix Version/s: Wish List
(was: 1.1.2)
(was: 1.2)
Current patch does not appliy. This is an improvement that would be nice. Moving to wishlist.
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: http://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0, 1.1, 1.2
> Environment: Any
> Reporter: Donald Woods
> Assigned To: Donald Woods
> Priority: Minor
> Fix For: Wish List
>
> Attachments: Geronimo-1716.patch
>
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Matt Hogstrom (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1716?page=all ]
Matt Hogstrom updated GERONIMO-1716:
------------------------------------
Fix Version: 1.1.1
(was: 1.2)
(was: 1.1)
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: http://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Type: Improvement
> Security: public(Regular issues)
> Components: security
> Versions: 1.0, 1.1, 1.2
> Environment: Any
> Reporter: Donald Woods
> Assignee: Donald Woods
> Priority: Minor
> Fix For: 1.1.1
> Attachments: Geronimo-1716.patch
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Donald Woods (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1716?page=all ]
Donald Woods updated GERONIMO-1716:
-----------------------------------
Attachment: Geronimo-1716.patch
New/updated passwords through the console will get encrypted when saved, using the SimpleEncryption class as the deployer tool uses.
Hand edits to the users.properties file will get encrypted the next time the server is started by the Console provided PropertiesLoginModuleManager GBean.
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: http://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Type: Improvement
> Components: security
> Versions: 1.0, 1.1, 1.2
> Environment: Any
> Reporter: Donald Woods
> Assignee: Donald Woods
> Priority: Minor
> Fix For: 1.2
> Attachments: Geronimo-1716.patch
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Donald Woods (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1716?page=all ]
Donald Woods updated GERONIMO-1716:
-----------------------------------
Geronimo Info: [Patch Available]
Fix Version: 1.1
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: http://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Type: Improvement
> Components: security
> Versions: 1.0, 1.1, 1.2
> Environment: Any
> Reporter: Donald Woods
> Assignee: Donald Woods
> Priority: Minor
> Fix For: 1.2, 1.1
> Attachments: Geronimo-1716.patch
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Assigned: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Donald Woods (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-1716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Donald Woods reassigned GERONIMO-1716:
--------------------------------------
Assignee: Donald Woods
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: https://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0, 1.1, 1.1.1, 1.2, 2.0-M5
> Environment: Any
> Reporter: Donald Woods
> Assigned To: Donald Woods
> Priority: Minor
> Fix For: 2.0-M3
>
> Attachments: G1716.patch
>
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Sachin Patel (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1716?page=all ]
Sachin Patel updated GERONIMO-1716:
-----------------------------------
Assignee: (was: Donald Woods)
Unassigning this so it can be picked up by a committer for inclusion in 1.1.1
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: http://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0, 1.1, 1.2
> Environment: Any
> Reporter: Donald Woods
> Priority: Minor
> Fix For: 1.1.1
>
> Attachments: Geronimo-1716.patch
>
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Closed: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Donald Woods (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-1716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Donald Woods closed GERONIMO-1716.
----------------------------------
Resolution: Fixed
Committed revision 558586
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: https://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0, 1.1, 1.1.1, 1.2, 2.0-M5
> Environment: Any
> Reporter: Donald Woods
> Assignee: Donald Woods
> Priority: Minor
> Fix For: 2.0-M7
>
> Attachments: G1716.patch
>
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Donald Woods (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-1716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Donald Woods updated GERONIMO-1716:
-----------------------------------
Attachment: G1716.patch
Updated patch created against server/trunk.
Patch includes additional logging and fixed duplicated code by using refeshUsers/Groups throughout.
Encryption of user properties file is option, by including the optional attribute of encrypt=Standard, which has been added to the j2ee-security plan, so the default users.properties file will now be encrypted on the first server startup and will encrypt Console added users as they are added or hand added entries on the next server restart.
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: https://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0, 1.1, 1.2
> Environment: Any
> Reporter: Donald Woods
> Assigned To: Donald Woods
> Priority: Minor
> Fix For: Wish List
>
> Attachments: G1716.patch
>
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Donald Woods (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1716?page=all ]
Donald Woods reassigned GERONIMO-1716:
--------------------------------------
Assignee: Donald Woods
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: http://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0, 1.1, 1.2
> Environment: Any
> Reporter: Donald Woods
> Assigned To: Donald Woods
> Priority: Minor
> Fix For: 1.1.1
>
> Attachments: Geronimo-1716.patch
>
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-1716) Add usage of SimpleEncryption to
PropertiesFileLoginModule and Admin Console
Posted by "Donald Woods (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-1716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Donald Woods updated GERONIMO-1716:
-----------------------------------
Fix Version/s: (was: 2.0-M3)
2.0-M5
Moving to M5 as the target release
> Add usage of SimpleEncryption to PropertiesFileLoginModule and Admin Console
> ----------------------------------------------------------------------------
>
> Key: GERONIMO-1716
> URL: https://issues.apache.org/jira/browse/GERONIMO-1716
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0, 1.1, 1.1.1, 1.2, 2.0-M5
> Environment: Any
> Reporter: Donald Woods
> Assigned To: Donald Woods
> Priority: Minor
> Fix For: 2.0-M5
>
> Attachments: G1716.patch
>
>
> Enhancement to the default PropertiesFileLoginModule and Console to encrypt user passwords in users.properties.
> To do this, PropertiesFileLoginModule and Console will be updated to use the SimpleEncryption utility class, just like the deployer, to read/write passwords that have the {Simple} key in front of encrypted passwords.
> The loadProperties() method in PropertiesFileLoginModule will also be updated to rewrite the users.properties file if it detects unencrypted passwords, which will allow users to manually edit the file to update a password and then have it automatically encrypted when the next login event occurs.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.