Add Hash Password Rewrite to File Realm
---------------------------------------
Key: GERONIMO-411
URL: http://nagoya.apache.org/jira/browse/GERONIMO-411
Project: Apache Geronimo
Type: Improvement
Components: security
Versions: 1.0-M2
Reporter: Aaron Mulder
Priority: Minor
It would be nice if the properties file realm could rewrite your properties
file with hashed passwords when it reads it. We would need to be able to
recognize hashed vs. unhashed entries and perhaps even different algorithms.
Perhaps it could go like this:
user1=plaintext
user2=MD5{...}
user3=SHA1{...}
Anyway, the idea is that this could be a reasonably secure alternative, but you
still wouldn't need to manually hash things to add or update entries -- just
put a plain text entry in and the next time the server reads the file it would
hash it for you.
I guess we'd need to synchronize on the hash operation to avoid threading
problems if multiple apps or whatever use the same properties file, but it
shouldn't be bad if we only rewrite the file if we find any plain text entries.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://nagoya.apache.org/jira/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
http://www.atlassian.com/software/jira
