[jboss-jira] [JBoss JIRA] Commented: (AS7-1622) Security Vault for attributes

[ https://issues.jboss.org/browse/AS7-1622?page=com.atlassian.jira.plugin.s... ] Anil Saldhana commented on AS7-1622: ------------------------------------ =========== Security Vault: http://anonsvn.jboss.org/repos/picketbox/trunk/security-spi/spi/src/main/... Vault Factory: http://anonsvn.jboss.org/repos/picketbox/trunk/security-spi/spi/src/main/... Default Implementation: http://anonsvn.jboss.org/repos/picketbox/trunk/security-jboss-sx/jbosssx/... Basically, I am envisioning a vault element in the security domain model where users can configure their pet vault implementation from 3rd party ISVs. One of the usecases was to have full AES encryption for passwords in EAP. That is something 3rd party vendors should provide for EAP. But this vault concept allows us to provide that feature. Here is the test I wrote: http://anonsvn.jboss.org/repos/picketbox/trunk/security-jboss-sx/jbosssx/... The user will be configuring a keystore whose password will be masked. That is the weak link. Rest all is AES encrypted. ============== -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira