[teiid-issues] [JBoss JIRA] (TEIID-2108) JDBC socket is not encrypting client messages by default

RH Bugzilla Integration (JIRA) jira-events at lists.jboss.org
Tue Jul 24 17:23:06 EDT 2012 

    [ https://issues.jboss.org/browse/TEIID-2108?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12707634#comment-12707634 ] 

RH Bugzilla Integration commented on TEIID-2108:
------------------------------------------------

Van Halbert <vhalbert at redhat.com> made a comment on [bug 842340|https://bugzilla.redhat.com/show_bug.cgi?id=842340]


    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Note that this is not a jar fix, but a fix to the teiid-jboss-beans.xml configuration.  Modify the config file to use a JDBC socket ssl configuration mode of logIn.

...
<bean name="JdbcSslConfiguration" class="org.teiid.transport.SSLConfiguration">
  <!-- can be one of disabled, login, or enabled 
             disabled = no transport or message level security will be used
             login = only the login traffic will be encrypted at a message level
                     using 128 bit AES with an ephemerial DH key exchange. 
                     No other config values are needed in this mode
             enabled = traffic will be secured using this configuration
  -->
  <property name="mode">login</property>
…

change ">login<"  to  ">logIn<"

<property name="mode">logIn</property>
                
> JDBC socket is not encrypting client messages by default
> --------------------------------------------------------
>
>                 Key: TEIID-2108
>                 URL: https://issues.jboss.org/browse/TEIID-2108
>             Project: Teiid
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 7.1.1
>            Reporter: Steven Hawkins
>            Assignee: Johnathon Lee
>            Priority: Blocker
>             Fix For: 7.7.1, 8.1
>
>
> The default configuration for the server should encrypt client login traffic.  However the SSLConfiguration class is checking for a value of logIn, not login as specified in the 8.x and 7.x configs.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the teiid-issues mailing list