[ http://nagoya.apache.org/jira/browse/GERONIMO-411?page=comments#action_54887 ]

Aaron Mulder commented on GERONIMO-411:
---------------------------------------

And of course we'd need a new property on the realm to enable this, perhaps a "hashAlgorithm" property and if you don't set it then you get the default plain text behavior.

> Add Hash Password Rewrite to File Realm
> ---------------------------------------
>
>          Key: GERONIMO-411
>          URL: http://nagoya.apache.org/jira/browse/GERONIMO-411
>      Project: Apache Geronimo
>         Type: Improvement
>   Components: security
>     Versions: 1.0-M2
>     Reporter: Aaron Mulder
>     Priority: Minor
>
> It would be nice if the properties file realm could rewrite your properties
> file with hashed passwords when it reads it. We would need to be able to
> recognize hashed vs. unhashed entries and perhaps even different algorithms.
> Perhaps it could go like this:
> user1=plaintext
> user2=MD5{...}
> user3=SHA1{...}
> Anyway, the idea is that this could be a reasonably secure alternative, but
> you still wouldn't need to manually hash things to add or update entries --
> just put a plain text entry in and the next time the server reads the file it
> would hash it for you.
> I guess we'd need to synchronize on the hash operation to avoid threading
> problems if multiple apps or whatever use the same properties file, but it
> shouldn't be bad if we only rewrite the file if we find any plain text
> entries.
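
The rewrite pass proposed in this ticket, as an added example that is not part of the original message and not Geronimo's code: the class and method names are hypothetical, `hashAlgorithm` is the property name suggested in the comment, and the hex encoding inside `ALG{...}` is an assumption. MD5 and SHA1 appear only because the ticket names them; both are fast, unsalted digests.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Properties;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class HashedRealmSketch {
    // The ticket's ALG{...} form with a hex digest (assumed encoding). Edge case: a plain-text
    // password that itself looks like ALG{hex} is taken as already hashed and left alone.
    static final Pattern HASHED = Pattern.compile("^([A-Za-z0-9-]+)\\{([0-9a-f]+)\\}$");

    static String digest(String alg, String password) throws Exception {
        byte[] d = MessageDigest.getInstance(alg).digest(password.getBytes(StandardCharsets.UTF_8));
        StringBuilder hex = new StringBuilder();
        for (byte b : d) hex.append(String.format("%02x", b));
        return alg + "{" + hex + "}";
    }

    // Hashes plain-text entries in place; true means the file must be written back.
    static synchronized boolean hashPlainEntries(Properties users, String hashAlgorithm) throws Exception {
        if (hashAlgorithm == null) return false;      // property unset: default plain-text behavior
        boolean changed = false;
        for (String user : users.stringPropertyNames()) {
            String value = users.getProperty(user);
            if (!HASHED.matcher(value).matches()) {
                users.setProperty(user, digest(hashAlgorithm, value));
                changed = true;
            }
        }
        return changed;
    }

    static boolean verify(Properties users, String user, String password) throws Exception {
        String stored = users.getProperty(user);
        if (stored == null) return false;
        Matcher m = HASHED.matcher(stored);           // each entry carries its own algorithm
        String expected = m.matches() ? digest(m.group(1), password) : password;
        return MessageDigest.isEqual(stored.getBytes(StandardCharsets.UTF_8),
                                     expected.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws Exception {
        Properties users = new Properties();          // constructed sample entries
        users.setProperty("user1", "plaintext");
        users.setProperty("user2", digest("MD5", "secret2"));
        System.out.println("rewrite needed: " + hashPlainEntries(users, "SHA1"));
        System.out.println("second pass:    " + hashPlainEntries(users, "SHA1"));
        System.out.println("user1 verifies: " + verify(users, "user1", "plaintext"));
    }
}
```

Only the first pass reports a change, so the file is rewritten once and later reads leave it untouched, which is the "only rewrite if we find any plain text entries" behavior the ticket asks for.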
