While it would certainly be good to have this feature out of the box,
it can be implemented by registering a WebConsoleSecurityProvider service.
For an example using declarative services and a PBKDF2 hash,
see project com.amplifino.nestor.webconsole.security in repo
https://github.com/Amplifino/nestor
On 24/04/2016 13:26, Ferry Huberts wrote:
So thanks for all the replies.
But especially for webconsole, the password can be a hash, much like
is the /etc/passwd files on Unix systems.
Would a feature request bug on this make any chance when I file it?
On 24/04/16 13:18, Roland Tepp wrote:
Console (weather accessed over web or ssh) should be a trusted
environment.
If a untrusted user gains access to you console you have much more
serious
problems than access to some configuration options.
On Sun, 24 Apr 2016 at 02:29, Carsten Ziegeler <[email protected]>
wrote:
Peter Kriens wrote
You could adjust cm to recognize a macro and expand that macro to
something local like a file, a system property, or an environment
variable.
That is how I solved it in the Configurer. Works very well on Travis
that allows you to configure with encrypted data that is decrypted as
environment variables.
This still has the problem that the decrypted data is visible to
everyone (via web console etc.)
Carsten
--
Carsten Ziegeler
Adobe Research Switzerland
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
