[jboss-jira] [JBoss JIRA] (AS7-3419) JBossWeb::ssl element in connector settings should check for vaultified strings

Tuesday, 31 January 2012

    [
https://issues.jboss.org/browse/AS7-3419?page=com.atlassian.jira.plugin.s...
] 

Tomaz Cerar commented on AS7-3419:
----------------------------------

I have created quick fix that just resolves expression for attribute password and that
unmasked password is then used inside WebConnectorService.
Proper fix should be as Brian suggested using AttributeDefinition. 

...
 JBossWeb::ssl element in connector settings should check for
vaultified strings
 -------------------------------------------------------------------------------

                 Key: AS7-3419
                 URL: https://issues.jboss.org/browse/AS7-3419
             Project: Application Server 7
          Issue Type: Feature Request
          Components: Web
    Affects Versions: 7.1.0.CR1
            Reporter: Anil Saldhana
            Assignee: Tomaz Cerar
             Fix For: 7.1.0.Final

 Currently, the passwords in the ssl element of the connector settings are in clear text. 

 https://community.jboss.org/wiki/JBossAS7SecuringPasswords   describes very simple ways
of checking whether a string is of the vault format and invoking the vault to get the
decrypted string value. 
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-jira] [JBoss JIRA] (AS7-3419) JBossWeb::ssl element in connector settings should check for vaultified strings