You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by km...@apache.org on 2017/08/25 23:38:09 UTC
geode git commit: GEODE-3512 Doc removal of gfsh encrypt password
Repository: geode
Updated Branches:
refs/heads/develop 6212dd563 -> 5ab519768
GEODE-3512 Doc removal of gfsh encrypt password
This revises the documentation to go with GEODE-1958.
This closes #741
Project: http://git-wip-us.apache.org/repos/asf/geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/geode/commit/5ab51976
Tree: http://git-wip-us.apache.org/repos/asf/geode/tree/5ab51976
Diff: http://git-wip-us.apache.org/repos/asf/geode/diff/5ab51976
Branch: refs/heads/develop
Commit: 5ab519768745a3466c1d356d34aa1bc215cba0b2
Parents: 6212dd5
Author: Karen Miller <km...@pivotal.io>
Authored: Thu Aug 24 10:55:32 2017 -0700
Committer: Karen Miller <km...@pivotal.io>
Committed: Fri Aug 25 16:37:02 2017 -0700
----------------------------------------------------------------------
.../source/subnavs/geode-subnav.erb | 6 ---
...guring_db_connections_using_JNDI.html.md.erb | 12 ++---
.../authentication_overview.html.md.erb | 4 --
.../security/encrypting_passwords.html.md.erb | 49 -----------------
.../gfsh/command-pages/encrypt.html.md.erb | 57 --------------------
.../gfsh/gfsh_command_index.html.md.erb | 4 --
.../gfsh/quick_ref_commands_by_area.html.md.erb | 1 -
7 files changed, 6 insertions(+), 127 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/geode/blob/5ab51976/geode-book/master_middleman/source/subnavs/geode-subnav.erb
----------------------------------------------------------------------
diff --git a/geode-book/master_middleman/source/subnavs/geode-subnav.erb b/geode-book/master_middleman/source/subnavs/geode-subnav.erb
index 788923d..0cf911b 100644
--- a/geode-book/master_middleman/source/subnavs/geode-subnav.erb
+++ b/geode-book/master_middleman/source/subnavs/geode-subnav.erb
@@ -589,9 +589,6 @@ limitations under the License.
<a href="/docs/guide/12/managing/security/implementing_authentication.html">Implementing Authentication</a>
</li>
<li>
- <a href="/docs/guide/12/managing/security/encrypting_passwords.html">Encrypting Passwords for Use in cache.xml</a>
- </li>
- <li>
<a href="/docs/guide/12/managing/security/encrypting_with_diffie_hellman.html">Encrypt Credentials with Diffie-Hellman</a>
</li>
<li>
@@ -1938,9 +1935,6 @@ gfsh</a>
<a href="/docs/guide/12/tools_modules/gfsh/command-pages/echo.html">echo</a>
</li>
<li>
- <a href="/docs/guide/12/tools_modules/gfsh/command-pages/encrypt.html">encrypt password</a>
- </li>
- <li>
<a href="/docs/guide/12/tools_modules/gfsh/command-pages/execute.html">execute function</a>
</li>
<li>
http://git-wip-us.apache.org/repos/asf/geode/blob/5ab51976/geode-docs/developing/transactions/configuring_db_connections_using_JNDI.html.md.erb
----------------------------------------------------------------------
diff --git a/geode-docs/developing/transactions/configuring_db_connections_using_JNDI.html.md.erb b/geode-docs/developing/transactions/configuring_db_connections_using_JNDI.html.md.erb
index f58d04e..8125132 100644
--- a/geode-docs/developing/transactions/configuring_db_connections_using_JNDI.html.md.erb
+++ b/geode-docs/developing/transactions/configuring_db_connections_using_JNDI.html.md.erb
@@ -46,7 +46,7 @@ The following sections show example `cache.xml` files configured for each of the
The example shows a `cache.xml` file configured for a pool of `XAPooledDataSource` connections connected to the data resource `newDB`.
-The log-in and blocking timeouts are set lower than the defaults. The connection information, including `user-name` and `password`, is set in the `cache.xml` file, instead of waiting until connection time. The password is encrypted; for details, see [Encrypting Passwords for Use in cache.xml](../../managing/security/encrypting_passwords.html#topic_730CC61BA84F421494956E2B98BDE2A1).
+The log-in and blocking timeouts are set lower than the defaults. The connection information, including `user-name` and `password`, is set in the `cache.xml` file, instead of waiting until connection time. The password is not encrypted.
When specifying the configuration properties for JCA-implemented database drivers that support XA transactions (in other words, **XAPooledDataSource**), you must use configuration properties to define the datasource connection instead of the `connection-url` attribute of the `<jndi-binding>` element. Configuration properties differ depending on your database vendor. Specify JNDI binding properties through the `config-property` tag, as shown in this example. You can add as many `config-property` tags as required.
@@ -73,7 +73,7 @@ load-factor="0.75" concurrency-level="16" statistics-enabled="true">
login-timeout-seconds="10"
xa-datasource-class="org.apache.derby.jdbc.EmbeddedXADataSource"
user-name="mitul"
- password="encrypted(83f0069202c571faf1ae6c42b4ad46030e4e31c17409e19a)">
+ password="thecleartextpassword">
<config-property>
<config-property-name>Description</config-property-name>
<config-property-type>java.lang.String</config-property-type>
@@ -218,7 +218,7 @@ load-factor="0.75" concurrency-level="16" statistics-enabled="true">
login-timeout-seconds="10"
managed-conn-factory-class="com.myvendor.connection.ConnFactory"
user-name="mitul"
- password="encrypted(83f0069202c571faf1ae6c42b4ad46030e4e31c17409e19a)">
+ password="thecleartextpassword">
<config-property>
<config-property-name>Description</config-property-name>
<config-property-type>java.lang.String</config-property-type>
@@ -243,7 +243,7 @@ load-factor="0.75" concurrency-level="16" statistics-enabled="true">
## PooledDataSource Example (Derby)
-Use the `PooledDataSource` and `SimpleDataSource` connections for operations executed outside of any transaction. This example shows a `cache.xml` file configured for a pool of `PooledDataSource` connections to the data resource `newDB`. For this non-transactional connection pool, the log-in and blocking timeouts are set higher than for the transactional connection pools in the two previous examples. The connection information, including `user-name` and `password`, is set in the `cache.xml` file, instead of waiting until connection time. The password is encrypted; for details, see [Encrypting Passwords for Use in cache.xml](../../managing/security/encrypting_passwords.html#topic_730CC61BA84F421494956E2B98BDE2A1).
+Use the `PooledDataSource` and `SimpleDataSource` connections for operations executed outside of any transaction. This example shows a `cache.xml` file configured for a pool of `PooledDataSource` connections to the data resource `newDB`. For this non-transactional connection pool, the log-in and blocking timeouts are set higher than for the transactional connection pools in the two previous examples. The connection information, including `user-name` and `password`, is set in the `cache.xml` file, instead of waiting until connection time. The password is not encrypted.
``` pre
<?xml version="1.0"?>
@@ -270,7 +270,7 @@ initial-capacity="16" load-factor="0.75" concurrency-level="16" statistics-enabl
login-timeout-seconds="30"
conn-pooled-datasource-class="org.apache.derby.jdbc.EmbeddedConnectionPoolDataSource"
user-name="mitul"
- password="encrypted(83f0069202c571faf1ae6c42b4ad46030e4e31c17409e19a)">
+ password="thecleartextpassword">
<config-property>
<config-property-name>Description</config-property-name>
<config-property-type>java.lang.String</config-property-type>
@@ -319,7 +319,7 @@ load-factor="0.75" concurrency-level="16" statistics-enabled="true">
jndi-name="oldDB1"
jdbc-driver-class="org.apache.derby.jdbc.EmbeddedDriver"
user-name="mitul"
- password="password"
+ password="thecleartextpassword"
connection-url="jdbc:derby:newDB;create=true">
. . .
</jndi-binding>
http://git-wip-us.apache.org/repos/asf/geode/blob/5ab51976/geode-docs/managing/security/authentication_overview.html.md.erb
----------------------------------------------------------------------
diff --git a/geode-docs/managing/security/authentication_overview.html.md.erb b/geode-docs/managing/security/authentication_overview.html.md.erb
index 0a6e0c5..5bbf576 100644
--- a/geode-docs/managing/security/authentication_overview.html.md.erb
+++ b/geode-docs/managing/security/authentication_overview.html.md.erb
@@ -27,10 +27,6 @@ system such as peers, clients, and those connecting to a JMX manager.
All components of the distributed system authenticate the same way,
through a custom-written method.
-- **[Encrypting Passwords for Use in cache.xml](encrypting_passwords.html)**
-
- <%=vars.product_name_long%> provides a gfsh utility to generate encrypted passwords.
-
- **[Encrypt Credentials with Diffie-Hellman](encrypting_with_diffie_hellman.html)**
For secure transmission of sensitive information, like passwords, you can encrypt credentials using the Diffie-Hellman key exchange algorithm.
http://git-wip-us.apache.org/repos/asf/geode/blob/5ab51976/geode-docs/managing/security/encrypting_passwords.html.md.erb
----------------------------------------------------------------------
diff --git a/geode-docs/managing/security/encrypting_passwords.html.md.erb b/geode-docs/managing/security/encrypting_passwords.html.md.erb
deleted file mode 100644
index c0e36ad..0000000
--- a/geode-docs/managing/security/encrypting_passwords.html.md.erb
+++ /dev/null
@@ -1,49 +0,0 @@
----
-title: Encrypting Passwords for Use in cache.xml
----
-
-<!--
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements. See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
--->
-<a id="topic_730CC61BA84F421494956E2B98BDE2A1"></a>
-
-
-<%=vars.product_name_long%> provides a gfsh utility to generate encrypted passwords.
-
-You may need to specify an encrypted password in `cache.xml` when configuring JNDI connections to external JDBC data sources. See [Configuring Database Connections Using JNDI](../../developing/transactions/configuring_db_connections_using_JNDI.html#topic_A5E3A67C808D48C08E1F0DC167C5C494) for configuration examples.
-
-The `cache.xml` file accepts passwords in clear text or encrypted text.
-
-To generate an encrypted password, use the [encrypt password](../../tools_modules/gfsh/command-pages/encrypt.html#concept_2B834B0AC8EE44C6A7F85CC66B1D6E18__section_F3D0959AF6264A3CB1821383B2AE4407) command in `gfsh`. The following example shows a sample command invocation and output (assuming `my_password` is the actual password for the data source). After you [start gfsh](../../tools_modules/gfsh/starting_gfsh.html#concept_DB959734350B488BBFF91A120890FE61), enter the following command:
-
-``` pre
-gfsh>encrypt password --password=my_password
-AB80B8E1EE8BB5701D0366E2BA3C3754
-```
-
-Copy the output from the `gfsh` command to the `cache.xml` file as the value of the password attribute of the `jndi-binding` tag embedded in `encrypted()`, just like a method parameter. Enter it as encrypted, in this format:
-
-``` pre
-password="encrypted(83f0069202c571faf1ae6c42b4ad46030e4e31c17409e19a)"
-```
-
-To use a non-encrypted (clear text) password, put the actual password as the value of the password attribute of the `jndi-binding` tag, like this:
-
-``` pre
-password="password"
-```
-
-
http://git-wip-us.apache.org/repos/asf/geode/blob/5ab51976/geode-docs/tools_modules/gfsh/command-pages/encrypt.html.md.erb
----------------------------------------------------------------------
diff --git a/geode-docs/tools_modules/gfsh/command-pages/encrypt.html.md.erb b/geode-docs/tools_modules/gfsh/command-pages/encrypt.html.md.erb
deleted file mode 100644
index f07db1f..0000000
--- a/geode-docs/tools_modules/gfsh/command-pages/encrypt.html.md.erb
+++ /dev/null
@@ -1,57 +0,0 @@
----
-title: encrypt password
----
-
-<!--
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements. See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
--->
-
-Encrypt a password for later use.
-
-## <a id="concept_2B834B0AC8EE44C6A7F85CC66B1D6E18__section_F3D0959AF6264A3CB1821383B2AE4407" class="no-quick-link"></a>encrypt password
-
-Encrypt a password for use in data source configuration. See [Configuring Database Connections Using JNDI](../../../developing/transactions/configuring_db_connections_using_JNDI.html#topic_A5E3A67C808D48C08E1F0DC167C5C494) and [Encrypting Passwords for Use in cache.xml](../../../managing/security/encrypting_passwords.html#topic_730CC61BA84F421494956E2B98BDE2A1) for more information on how to use these encrypted passwords.
-
-**Availability:** Online or offline.
-
-**Syntax:**
-
-``` pre
-encrypt password --password=value
-```
-
-<a id="concept_2B834B0AC8EE44C6A7F85CC66B1D6E18__table_uvh_gch_2w"></a>
-
-| | |
-|---------------------------------------------------|----------------------------------------------|
-| <span class="keyword parmname">\\-\\-password </span> | *Required.* Password string to be encrypted. |
-
-<span class="tablecap">Table 1. Encrypt Password Parameters</span>
-
-**Example Commands:**
-
-``` pre
-encrypt password --password=Aht23fbd1234#q
-```
-
-**Sample Output:**
-
-``` pre
-gfsh>encrypt password --password=Aht23fbd1234#q
-21793243D4F4B1C90B032D0CC0A80821
-```
-
-
http://git-wip-us.apache.org/repos/asf/geode/blob/5ab51976/geode-docs/tools_modules/gfsh/gfsh_command_index.html.md.erb
----------------------------------------------------------------------
diff --git a/geode-docs/tools_modules/gfsh/gfsh_command_index.html.md.erb b/geode-docs/tools_modules/gfsh/gfsh_command_index.html.md.erb
index 2798096..0098ba2 100644
--- a/geode-docs/tools_modules/gfsh/gfsh_command_index.html.md.erb
+++ b/geode-docs/tools_modules/gfsh/gfsh_command_index.html.md.erb
@@ -85,10 +85,6 @@ This section provides help and usage information on all `gfsh` commands, listed
Echo the given text, which may include system and user variables.
-- **[encrypt password](../../tools_modules/gfsh/command-pages/encrypt.html)**
-
- Encrypt a password for later use.
-
- **[execute function](../../tools_modules/gfsh/command-pages/execute.html)**
Execute functions on members or regions.
http://git-wip-us.apache.org/repos/asf/geode/blob/5ab51976/geode-docs/tools_modules/gfsh/quick_ref_commands_by_area.html.md.erb
----------------------------------------------------------------------
diff --git a/geode-docs/tools_modules/gfsh/quick_ref_commands_by_area.html.md.erb b/geode-docs/tools_modules/gfsh/quick_ref_commands_by_area.html.md.erb
index 33dd44e..0a52229 100644
--- a/geode-docs/tools_modules/gfsh/quick_ref_commands_by_area.html.md.erb
+++ b/geode-docs/tools_modules/gfsh/quick_ref_commands_by_area.html.md.erb
@@ -25,7 +25,6 @@ limitations under the License.
|-----------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------|
| [debug](command-pages/debug.html) | Enable or disable debugging output in `gfsh`. | online, offline |
| [echo](command-pages/echo.html) | Echo the given text, which may include system and user variables. | online, offline |
-| [encrypt password](command-pages/encrypt.html#concept_2B834B0AC8EE44C6A7F85CC66B1D6E18__section_F3D0959AF6264A3CB1821383B2AE4407) | Encrypt a password for later use. | online, offline |
| [exit](command-pages/exit.html) | Exit the gfsh shell. You can also use `quit` to exit the shell. | online, offline |
| [help](command-pages/help.html) | If the argument is a gfsh command, displays syntax and usage information for the command. If there are no arguments, displays a list of all available commands. | online, offline |
| [hint](command-pages/hint.html) | Display information on topics and a list of commands associated with a topic. | online, offline |