LDAP Integration project
by Anil Saldhana
Hi all,
we do ldap testing in a bunch of PBox and PL projects. To reduce the
redundancy and make it standalone, I created a picketbox-ldap project
for embedding ldap server and unit testing ldap based code.
https://docs.jboss.org/author/display/SECURITY/PicketBox+LDAP+Server
It is a standalone project with dependency on ApacheDS alone.
We are already using it in PicketBox Core project.
Next I will be using it to provide the ldap provider for the PicketLink
IDM project.
You are welcome to use it in your own projects.
Regards,
Anil
12 years, 3 months
Re: [security-dev] Where's requirements doc?
by Anil Saldhana
On 08/22/2012 04:52 PM, Anil Saldhana wrote:
> Bill,
> I created it at
> https://community.jboss.org/wiki/SecurityRequirementsDocument
>
> I think I still need to add a lot of information to it.
>
> Regards,
> Anil
>
> On 08/22/2012 04:51 PM, Bill Burke wrote:
>> Anil,
>>
>> You were going to expand on the requirements doc. What you linked a few
>> weeks ago was way to insufficient. You need to go through and list
>> every feature of Picketlink, every new feature you want to add,
>> requirements that are required to implement those features, etc. Then
>> you need to pass them around so others can add to the list, and then
>> everybody can sign off and say, "Hey this is great". Then you'll be
>> able to design something solid...
>>
>> Bill
>>
>
12 years, 4 months
Where's requirements doc?
by Bill Burke
Anil,
You were going to expand on the requirements doc. What you linked a few
weeks ago was way to insufficient. You need to go through and list
every feature of Picketlink, every new feature you want to add,
requirements that are required to implement those features, etc. Then
you need to pass them around so others can add to the list, and then
everybody can sign off and say, "Hey this is great". Then you'll be
able to design something solid...
Bill
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
12 years, 4 months
Database driven Java Keystore
by Anil Saldhana
Hi all,
you are familiar with the file based standard Java keystore. KeyTool
is a command line utility to deal with the standard keystore.
The challenges with a file based keystore are plenty:
a) Each node in a cluster needs to have a local copy. NFS based keystore
does solve this problem.
b) Updates to keystore need to be done with each copy in a cluster.
I put in a DB backed keystore that is standalone with dependence on
Bouncycastle jars alone.
https://docs.jboss.org/author/display/SECURITY/Java+Keystores
There are multiple TBD items listed on the page.
There is a master salt. It is used to MD5 hash+salt the keystore
password (master password) and also individual key passwords.
Feedback welcome.
Regards,
Anil
12 years, 4 months