On Nov 14, 2011, at 04:22, Anil Saldhana wrote:
Max,
as Jason pointed out. The challenges are the setup required.
If each of the elements you mention (mvn deploy plugin, cli, arquilian
etc) support PKI, then we can do that.
I am unsure that our users would want the added pain of setting up PKI.
It's that vs having plain text username/passwords in your pom.xml and examples
won't run without it.
With a key based setup these things would be simpler.
/max
Regards,
Anil
On 11/13/2011 12:49 PM, Max Rydahl Andersen wrote:
> Hi,
>
> Been thinking about the new username/password requirements.
>
> These will make all examples that uses maven deploy plugin, cli scripts, arquillian,
jboss tools etc. to somehow
> either tell users to type in their username and full password in clear text in
pom.xml and other files.
>
> Which sounds worse to me than a default locked down to only localhost…but I'm not
a security expert :)
>
> I was wondering how hard it would be to make the authentication support key based
auth by default and we make
> the tools use ${user.name} and ${user.home}/.jboss/default.pub and .priv (or some
other name) for the public/private keys ?
>
> Then the tooling (cli, IDE plugins etc.) could create these by default and examples
could use ${user.name} and ${user.home}/.jboss/default.pub as
> the preconfigured parameters.
>
> The examples would run out of the box and it would be limited to work from the
machine that actually got the right key ( simpler and more secure)
> vs to the current AS7.1 master solution where examples won't run out of the box
and when configured will run from anywhere - i.e. harder and less secure)
>
> WDYT ?
>
> /max
>
http://about.me/maxandersen
>
_______________________________________________
jboss-as7-dev mailing list
jboss-as7-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
/max
http://about.me/maxandersen