[DAS] Password Encryption

[Ole Ersoy <ol...@gmail.com>]

Hey Guys,

The DAS reads the JNDI connection's password
form the DAS's configuration file.

Right now I have the default set to "secret",
in plain text.

I'm thinking there should be a small utility
that comes with the DAS that generates a checksum (md5, sha1)
of the password that the user wants, and then the user
puts that in the configuration file.

After the DAS reads the configuration file, it decrypts
the password and adds it to the environment map used
by the connection.

Ideally the property used to store the decrypted password
is write only.  I think java security has some stuff for that,
but I gotta investigate.

Sound ok?

Thanks,
- Ole

Re: [DAS] Password Encryption

[Ole Ersoy <ol...@gmail.com>]

Hey Stefan,

Stefan Seelmann wrote:

SNIP

> Hm, md5 or sha1 couldn't be decrypted, as you said they are checksums.
> What about using Password-based encryption {PBE}?

DOH!

Yes - That's what I meant... :-)

Sound ok otherwise?

Thanks,
- Ole




> 
> Stefan
> 

Re: [DAS] Password Encryption

[Stefan Seelmann <se...@apache.org>]

> 
> I'm thinking there should be a small utility
> that comes with the DAS that generates a checksum (md5, sha1)
> of the password that the user wants, and then the user
> puts that in the configuration file.
> 
> After the DAS reads the configuration file, it decrypts
> the password and adds it to the environment map used
> by the connection.
> 

Hm, md5 or sha1 couldn't be decrypted, as you said they are checksums.
What about using Password-based encryption {PBE}?

Stefan