[teiid-issues] [JBoss JIRA] Resolved: (TEIID-702) Define/Provide ways to create and use encrypted passwords in Teiid

Ramesh Reddy (JIRA) jira-events at lists.jboss.org
Wed Jul 8 18:27:51 EDT 2009 

     [ https://jira.jboss.org/jira/browse/TEIID-702?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ramesh Reddy resolved TEIID-702.
--------------------------------

    Resolution: Done
      Assignee: Ramesh Reddy


Modified "run.sh/run.bat" scripts such if a "teiid.keystore" file is not found, a new key along with its keystore is generated for use by the runtime engine. This keystore will be used to decrypt any passwords that are in encrypted form in the configuration.

Also added "encrypt.sh/encrypt.bat" files in in the "bin" folder of the kit. This enables user to supply a "clear text" password and this utility will generate the equivalent "ciphered" text using the "teiid.keystore" cert file. This encoded text can be embedded inside the configuration of the runtime engine, which the runtime knows how to correctly decrypt and use for its purposes.

It is developer's responsibility to manually generate these encrypted passwords and provide them in the configuration instead of the clear text passwords during the deployment, if they seek the protection with the clear text passwords. 

It is recommended that, Teiid Designer should just use "clear text" passwords during the VDB building, and user will convert these "clear text" into encrypted during deployment. Otherwise, the VDB's during deployment will always fail with unable to decrypt messages for its connector bindings as the "teiid.keystore" is not shared between Designer and Teiid runtime. (need to log this as enhancement in designer)

> Define/Provide ways to create and use encrypted passwords in Teiid
> ------------------------------------------------------------------
>
>                 Key: TEIID-702
>                 URL: https://jira.jboss.org/jira/browse/TEIID-702
>             Project: Teiid
>          Issue Type: Task
>          Components: Common
>            Reporter: Ramesh Reddy
>            Assignee: Ramesh Reddy
>             Fix For: 6.2.0
>
>
> Teiid runtime is capable of decrypting the encrypted passwords from the Teiid Designer (when the same key certs are used), however does not provide a mechanism to provide a utility to encrypt passwords itself. Often times the Designer might be using a different certificate or may be the user did not use the Designer at all. So, Teiid needs
> 1) Script to create a new certificate for password encryption
> 2) Script to encrypt a given password
> 3) Integration of the this cert with runtime, such that it can decrypt password(s) at runtime.
> 4) Documentation as how this can be done.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the teiid-issues mailing list