Max,
as Jason pointed out. The challenges are the setup required.
If each of the elements you mention (mvn deploy plugin, cli, arquilian
etc) support PKI, then we can do that.
I am unsure that our users would want the added pain of setting up PKI.
Regards,
Anil
On 11/13/2011 12:49 PM, Max Rydahl Andersen wrote:
Hi,
Been thinking about the new username/password requirements.
These will make all examples that uses maven deploy plugin, cli scripts, arquillian,
jboss tools etc. to somehow
either tell users to type in their username and full password in clear text in pom.xml
and other files.
Which sounds worse to me than a default locked down to only localhost…but I'm not a
security expert :)
I was wondering how hard it would be to make the authentication support key based auth by
default and we make
the tools use ${user.name} and ${user.home}/.jboss/default.pub and .priv (or some other
name) for the public/private keys ?
Then the tooling (cli, IDE plugins etc.) could create these by default and examples could
use ${user.name} and ${user.home}/.jboss/default.pub as
the preconfigured parameters.
The examples would run out of the box and it would be limited to work from the machine
that actually got the right key ( simpler and more secure)
vs to the current AS7.1 master solution where examples won't run out of the box and
when configured will run from anywhere - i.e. harder and less secure)
WDYT ?
/max
http://about.me/maxandersen