[keycloak-dev] Password storage and KDFs
Bruno Oliveira
bruno at abstractj.org
Wed Jan 22 09:39:11 EST 2014
We did something on AeroGear with a property file (not perfect), but I would like to look at Keycloak before suggesting anything. Maybe it is possible to implement this using the KeyStore from Java?
--
abstractj
On January 22, 2014 at 12:31:05 PM, Bill Burke (bburke at redhat.com) wrote:
> BTW, we'll have to think of something similar to protect realm private
> keys. Getting access to the private key of a realm would be 1000 times
> worse than getting the PW database as you could write a token giving any
> permission you wanted.
>
> Any ideas? Maybe a master boot password which is used to encrypt the
> private keys? Which is entered on server startup?