[jira] Closed: (GERONIMO-411) Add Hash Password Rewrite to File Realm
[ https://issues.apache.org/jira/browse/GERONIMO-411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Donald Woods closed GERONIMO-411. - Resolution: Fixed Fix Version/s: (was: 2.0.x) 2.0.2 Resolved by GERONIMO-2925 Add Hash Password Rewrite to File Realm --- Key: GERONIMO-411 URL: https://issues.apache.org/jira/browse/GERONIMO-411 Project: Geronimo Issue Type: Improvement Components: security Affects Versions: 1.0-M2, 1.2 Reporter: Aaron Mulder Assignee: Donald Woods Priority: Minor Fix For: 2.1, 2.0.2 Attachments: properties-realm.patch It would be nice if the properties file realm could rewrite your properties file with hashed passwords when it reads it. We would need to be able to recognize hashed vs. unhashed entries and perhaps even different algorithms. Perhaps it could go like this: user1=plaintext user2=MD5{...} user3=SHA1{...} Anyway, the idea is that this could be a reasonably secure alternative, but you still wouldn't need to manually hash things to add or update entries -- just put a plain text entry in and the next time the server reads the file it would hash it for you. I guess we'd need to synchronize on the hash operation to avoid threading problems if multiple apps or whatever use the same properties file, but it shouldn't be bad if we only rewrite the file if we find any plain text entries. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Closed: (GERONIMO-411) Add Hash Password Rewrite to File Realm
[ https://issues.apache.org/jira/browse/GERONIMO-411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Donald Woods closed GERONIMO-411. - Resolution: Duplicate Fix Version/s: (was: 2.0.x) Already solved by GERONIMO-1880 Add Hash Password Rewrite to File Realm --- Key: GERONIMO-411 URL: https://issues.apache.org/jira/browse/GERONIMO-411 Project: Geronimo Issue Type: Improvement Components: security Affects Versions: 1.0-M2, 1.2 Reporter: Aaron Mulder Assignee: Donald Woods Priority: Minor Attachments: properties-realm.patch It would be nice if the properties file realm could rewrite your properties file with hashed passwords when it reads it. We would need to be able to recognize hashed vs. unhashed entries and perhaps even different algorithms. Perhaps it could go like this: user1=plaintext user2=MD5{...} user3=SHA1{...} Anyway, the idea is that this could be a reasonably secure alternative, but you still wouldn't need to manually hash things to add or update entries -- just put a plain text entry in and the next time the server reads the file it would hash it for you. I guess we'd need to synchronize on the hash operation to avoid threading problems if multiple apps or whatever use the same properties file, but it shouldn't be bad if we only rewrite the file if we find any plain text entries. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.