[Resin-interest] Obfuscating Password in resin.xml

2011-10-26 Thread Aaron Freeman
The following <password xmlns ...> technique works great for database
definitions:

  <database>
    <jndi-name>jdbc/oracle</jndi-name>
    <driver>
      <type>oracle.jdbc.pool.OracleConnectionPoolDataSource</type>
      <url>jdbc:oracle:thin:@${com.database.server}:${com.database.port}:${com.database.sid}</url>
      <user>${com.database.username}</user>
      <password xmlns:encryption="urn:java:com.company.encryption">
        <encryption:Password>abcdef</encryption:Password>
      </password>
    </driver>
    <max-connections>20</max-connections>
    <max-idle-time>60s</max-idle-time>
  </database>

However this same technique does not work for jsse-ssl definitions.

  <jsse-ssl>
    <key-store-type>jks</key-store-type>
    <key-store-file>/opt/some/server/keys/some.kdb</key-store-file>
    <password xmlns:encryption="urn:java:com.company.encryption">
      <encryption:Password>abcdef</encryption:Password>
    </password>
    <cipher-suites>SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA</cipher-suites>
  </jsse-ssl>

I get the following error at startup:

/opt/company/server/conf/resin.xml:76: unable to create attribute
SetterAttribute[public void
com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for
com.caucho.vfs.JsseSSLFactory@176f5261 and
QName[{http://caucho.com/ns/resin}password]

Once upon a time ago there was discussion that this would be added to a
future release.  Any thoughts as to if that can happen easily?

Thanks,

Aaron


___
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest


Re: [Resin-interest] Obfuscating Password in resin.xml

2011-10-26 Thread Scott Ferguson

On 10/26/2011 02:28 PM, Aaron Freeman wrote:

> The following <password xmlns ...> technique works great for database
> definitions:
>
>   <database>
>     <jndi-name>jdbc/oracle</jndi-name>
>     <driver>
>       <type>oracle.jdbc.pool.OracleConnectionPoolDataSource</type>
>       <url>jdbc:oracle:thin:@${com.database.server}:${com.database.port}:${com.database.sid}</url>
>       <user>${com.database.username}</user>
>       <password xmlns:encryption="urn:java:com.company.encryption">
>         <encryption:Password>abcdef</encryption:Password>
>       </password>
>     </driver>
>     <max-connections>20</max-connections>
>     <max-idle-time>60s</max-idle-time>
>   </database>
>
> However this same technique does not work for jsse-ssl definitions.
>
>   <jsse-ssl>
>     <key-store-type>jks</key-store-type>
>     <key-store-file>/opt/some/server/keys/some.kdb</key-store-file>
>     <password xmlns:encryption="urn:java:com.company.encryption">
>       <encryption:Password>abcdef</encryption:Password>
>     </password>
>     <cipher-suites>SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA</cipher-suites>
>   </jsse-ssl>
>
> I get the following error at startup:
>
> /opt/company/server/conf/resin.xml:76: unable to create attribute
> SetterAttribute[public void
> com.caucho.vfs.JsseSSLFactory.setPassword(java.lang.String)] for
> com.caucho.vfs.JsseSSLFactory@176f5261 and
> QName[{http://caucho.com/ns/resin}password]
>
> Once upon a time ago there was discussion that this would be added to
> a future release.  Any thoughts as to if that can happen easily?

I'll need to check why that's not happening for jsse.

We also have an open bug report to create a standard encryption class.
It wouldn't be totally secure, of course, but would be better than
plaintext.

-- Scott

> Thanks,
>
> Aaron
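
A sketch of what a bean like the `com.company.encryption.Password` referenced in this thread could look like, added here as an illustration; it is not code from the thread or from Caucho. The `setValue`/`replaceObject` hook names are an assumption about how Resin hands the element text to a custom bean and takes the result back, and the key and sample password are constructed.

```java
package com.company.encryption;

import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical stand-in for the poster's com.company.encryption.Password bean.
public class Password {
  // Constructed demo key. A key that ships inside the jar only obfuscates:
  // anyone who can read both the jar and resin.xml can recover the password.
  private static final byte[] KEY =
      "0123456789abcdef".getBytes(StandardCharsets.US_ASCII);

  private String value; // Base64(nonce || ciphertext || tag) taken from resin.xml

  // Assumed Resin hook: receives the text content of <encryption:Password>.
  public void setValue(String value) { this.value = value.trim(); }

  // Assumed Resin hook: the returned String replaces the bean inside <password>.
  public Object replaceObject() throws Exception { return decrypt(value); }

  // Produces the token an administrator would paste into resin.xml.
  static String encrypt(String plain) throws Exception {
    byte[] nonce = new byte[12];
    new SecureRandom().nextBytes(nonce);
    Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
    c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(KEY, "AES"),
        new GCMParameterSpec(128, nonce));
    byte[] ct = c.doFinal(plain.getBytes(StandardCharsets.UTF_8));
    return Base64.getEncoder().encodeToString(
        ByteBuffer.allocate(nonce.length + ct.length).put(nonce).put(ct).array());
  }

  // Splits off the 12-byte nonce; GCM rejects a tampered or truncated token.
  static String decrypt(String encoded) throws Exception {
    byte[] blob = Base64.getDecoder().decode(encoded);
    Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
    c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(KEY, "AES"),
        new GCMParameterSpec(128, blob, 0, 12));
    return new String(c.doFinal(blob, 12, blob.length - 12), StandardCharsets.UTF_8);
  }

  public static void main(String[] args) throws Exception {
    String token = encrypt("constructed-sample-password");
    Password bean = new Password();
    bean.setValue(token);
    System.out.println(token + " -> " + bean.replaceObject());
  }
}
```

Because the key sits next to the ciphertext on the same host, file permissions on the jar and on resin.xml remain the real control, which matches the "better than plaintext" caveat in the reply above.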

