You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@shindig.apache.org by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org> on 2011/10/12 21:29:13 UTC
[jira] [Commented] (SHINDIG-1636) Create a KeyProvider to provide
an encryption key to the SecurityToken workflow
[ https://issues.apache.org/jira/browse/SHINDIG-1636?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13126072#comment-13126072 ]
jiraposter@reviews.apache.org commented on SHINDIG-1636:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/2362/
-----------------------------------------------------------
Review request for Ryan Baxter, Dan Dumont and Jesse Ciancetta.
Summary
-------
Currently, org.apache.shindig.auth.BlobCrypterSecurityTokenCodec.loadContainers(ContainerConfig, Collection<String>, Map<String, BlobCrypter>, Map<String, String>) reads an encryption key from a keyfile to instantiate the BlobCrypter. The keyfile is defined in the container.js. An improvement to this behavior would be to provide an injectable KeyProvider class that can return the key. This would allow the key to reside anywhere instead of in a static keyfile.
Initial review to Dan, Ryan, and Jesse. Once we've decided that this seems like a rational approach, I'll add the dev list.
This addresses bug SHINDIG-1636.
https://issues.apache.org/jira/browse/SHINDIG-1636
Diffs
-----
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java 1182524
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java 1182524
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/KeyFileKeyProvider.java PRE-CREATION
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/KeyProvider.java PRE-CREATION
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java 1182524
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java 1182524
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/DefaultSecurityTokenCodecTest.java 1182524
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/KeyFileKeyProviderTest.java PRE-CREATION
Diff: https://reviews.apache.org/r/2362/diff
Testing
-------
Updated and ran existing JUnits.
Created new JUnits for the new KeyFileKeyProvider.
Performed manual functional tests with encrypted security tokens in the sample common container.
Thanks,
Stanton
> Create a KeyProvider to provide an encryption key to the SecurityToken workflow
> -------------------------------------------------------------------------------
>
> Key: SHINDIG-1636
> URL: https://issues.apache.org/jira/browse/SHINDIG-1636
> Project: Shindig
> Issue Type: Improvement
> Components: Java
> Reporter: Stanton Sievers
> Original Estimate: 48h
> Remaining Estimate: 48h
>
> Currently, org.apache.shindig.auth.BlobCrypterSecurityTokenCodec.loadContainers(ContainerConfig, Collection<String>, Map<String, BlobCrypter>, Map<String, String>) reads an encryption key from a keyfile to instantiate the BlobCrypter. The keyfile is defined in the container.js. An improvement to this behavior would be to provide an injectable KeyProvider class that can return the key. This would allow the key to reside anywhere instead of in a static keyfile.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira