Re: Is the cipherkey still a constant? (get rid of remember me stack traces in the log)

Steinar Bang Sat, 12 Apr 2025 12:22:23 -0700

>>>>> Steinar Bang <[email protected]>:
>>>>> lenny-5o6p1tln9c5dpfhejli6iq-xmd5yjdbdmrexy1tmh2...@public.gmane.org:
>> famous last words he he :)


> I have a plan! :-)

This is what I did:
 1. One new OSGi service to return a cipherKey
     
https://github.com/steinarb/authservice/blob/fc6c29fb5cede9d9f3e8d4212124adc815ac6cf6/authservice/authservice.definitions/src/main/java/no/priv/bang/authservice/definitions/CipherKeyService.java#L18

 2. An SCR component that checks karaf config for an existing cipherKey
    and creates and saves the new cipherKey in config if none can be
    found and returns the cipherKey from the service definend in 1
     
https://github.com/steinarb/authservice/blob/fc6c29fb5cede9d9f3e8d4212124adc815ac6cf6/authservice/authservice.web.security.cipherkey/src/main/java/no/priv/bang/authservice/web/security/cipherkey/ChipherKeyServiceProvider.java#L32

 3. Set the cipherkey in the shiro setup
     
https://github.com/steinarb/authservice/blob/fc6c29fb5cede9d9f3e8d4212124adc815ac6cf6/authservice/authservice.web.security/src/main/java/no/priv/bang/authservice/web/security/AuthserviceShiroFilter.java#L86

The old log error have gone away.

But now I have a new one...
 https://gist.github.com/steinarb/63621658a7c5a1529f9f56998fdf4a37

Re: Is the cipherkey still a constant? (get rid of remember me stack traces in the log)

Reply via email to