On 11.08.2016 10:59, Heiko W.Rupp wrote:
Hey Mazz and Juca,
tl;dr: we need to get rid of clear text passwords in standalone.xml
Like other secrets in standalone.xml (such as data source passwords),
the password should be stored in the vault.
https://developer.jboss.org/wiki/MaskingPasswordsForWildFlyUsingNon-inter...
for the Docker builds I can run (pseudocode):
docker run -e HAWKULAR_USER=jdoe -e HAWKULAR_PASSWORD=password pilhuhn/hawkular-services
the startup in the image takes care that jdoe is added to the users.properties file for JAAS,
and the agent gets those env-variables as user/password, so the agent can talk to the
server (see also below).
This is not for a production setup, right? In a production setup, the
user storage should not be users.properties and the like. Those will (or
even, should) come from actual external sources, like LDAP, databases, ...
== Agent side
I recall that in the agent installer you have added some way of
'obfuscating' the password.
Vaults should be used for this. The good thing is that, AFAIK, no change
on the agent is required. The subsystem sees the actual clear text value
from the vault.
== Server side
Passing in the password like above to set up the server is equally bad
(perhaps a tiny bit less, as the server is usually inside a more secured
area than the agents).
I believe our docker images should be meant to be extended, so that
users can configure their user storage. The users.properties should be
seen as only a "placeholder".
- Juca.
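For reference, here is what the vault approach discussed in the thread looks like in standalone.xml. This is an added illustration, not configuration from the Hawkular project or from either mail. The secret is first written into the vault with WildFly's non-interactive vault tool, e.g. vault.sh --keystore /opt/vault/vault.keystore --keystore-password <keystore pw> --alias vault --vault-block hawkular --attribute agentPassword --sec-attr <agent password> --enc-dir /opt/vault/ --iteration 120 --salt 1234abcd (the salt must be exactly 8 characters), and vault.sh then prints the <vault> element below. Assumptions not taken from the thread: the vault block name "hawkular", the attribute name "agentPassword", the paths under /opt/vault, the agent subsystem namespace and its storage-adapter attribute names, and the placeholder MASK-... value standing in for the masked keystore password that vault.sh prints.

```xml
<!-- Added example (not project configuration): WildFly vault definition plus a
     vault expression in place of the agent's clear-text password.
     Assumed names: vault block "hawkular", attribute "agentPassword", the
     /opt/vault paths, the agent subsystem namespace and storage-adapter attributes. -->
<server xmlns="urn:jboss:domain:4.0">

  <!-- Vault definition as printed by vault.sh. Only the masked keystore password
       lands in standalone.xml. The keystore and ENC_FILE_DIR are mounted into the
       container (e.g. docker run -v ./vault:/opt/vault:ro), never passed via -e
       and never baked into the image. -->
  <vault>
    <vault-option name="KEYSTORE_URL" value="/opt/vault/vault.keystore"/>
    <vault-option name="KEYSTORE_PASSWORD" value="MASK-..."/> <!-- placeholder for the masked value -->
    <vault-option name="KEYSTORE_ALIAS" value="vault"/>
    <vault-option name="SALT" value="1234abcd"/>
    <vault-option name="ITERATION_COUNT" value="120"/>
    <vault-option name="ENC_FILE_DIR" value="/opt/vault/"/>
  </vault>

  <profile>
    <!-- Agent subsystem: the password attribute carries a vault expression of the
         form ${VAULT::<vault-block>::<attribute>::<shared-key>}; "1" is the
         shared key WildFly uses for vault expressions. The subsystem is handed
         the resolved clear-text value at runtime, so the agent code is unchanged. -->
    <subsystem xmlns="urn:org.hawkular.agent:agent:1.0"> <!-- namespace assumed -->
      <storage-adapter type="HAWKULAR"
                       username="jdoe"
                       password="${VAULT::hawkular::agentPassword::1}"
                       url="http://hawkular-server:8080"/>
    </subsystem>
  </profile>
</server>
```

One caveat to keep in mind: the MASK-... value is password-based obfuscation derived from the SALT and ITERATION_COUNT that sit right next to it, so it protects against casual reading of standalone.xml, not against anyone who can read both the config and the keystore. Filesystem permissions on the keystore and ENC_FILE_DIR still carry the real protection, which is why they belong on a mounted, read-only volume rather than in the image layers.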