[
https://issues.apache.org/jira/browse/GERONIMO-3003?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jack Cai updated GERONIMO-3003:
-------------------------------
Attachment: GERONIMO-3003.cmd.22.patch
GERONIMO-3003.cmd.21.patch
Attaching the patch to add a command to the deploy commandline to do an
encryption. Typical usage:
Use a running server to do the encryption so that the encryption setting of
that server will be used:
deploy(.sh|.bat) -h localhost -p 1099 encrypt sometext
Use the common simple encrption so that no running server is required
deploy(.sh|.bat) -o encrypt sometext
Tested with 2.2 branch.
> Encrypt password strings in deployment plans
> --------------------------------------------
>
> Key: GERONIMO-3003
> URL: https://issues.apache.org/jira/browse/GERONIMO-3003
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: deployment
> Affects Versions: Wish List
> Reporter: Aman Nanner
> Priority: Minor
> Fix For: Wish List
>
> Attachments: GERONIMO-3003-2.2-2.patch, GERONIMO-3003.cmd.21.patch,
> GERONIMO-3003.cmd.22.patch, GERONIMO-3003.patch, GERONIMO-3003_21.patch
>
>
> Geronimo currently has a feature where password strings in the config.xml get
> encrypted using the {{org.apache.geronimo.util.EncryptionManager}}. This
> encryption is performed in the
> {{org.apache.geronimo.system.configuration.GBeanOverride}} class.
> It would be desirable to have the same encryption applied to the password
> strings in deployment plans (e.g. datasource or JMS deployment plans within
> an EAR). Even though the plans are only used during the deployment process,
> and not at runtime, the plans are left with plaintext password strings
> sitting in them. It would be nice if the deployment process could internally
> encrypt the strings and then write back out the deployment plan to the file
> system. Also, this means that the deployment process will require the
> ability to decrypt strings that are already in encrypted format in the plan
> (in the case of redeployment, for example).
> More discussion of this feature can be found in the following mailing list
> thread:
> http://www.mail-archive.com/u...@geronimo.apache.org/msg05859.html
> I would suggest that an appropriate spot to perform the encryption is in the
> {{org.apache.geronimo.j2ee.deployment.EARConfigBuilder}} class, perhaps in
> the following code just before the file is written to a temporary file:
> ----
> if (gerModule.isSetAltDd()) {
> // the the url of the alt dd
> try {
> altVendorDDs.put(path,
> DeploymentUtil.toTempFile(earFile, gerModule.getAltDd().getStringValue()));
> } catch (IOException e) {
> throw new DeploymentException("Invalid alt vendor
> dd url: " + gerModule.getAltDd().getStringValue(), e);
> }
> ----
> However, somebody more familiar with the design might be able to suggest a
> better solution.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
