Re: [security-dev] Vault to store sensitive data
The system properties functionality in WildFly may not be ready to take vault expressions.
I remember seeing a JIRA issue for that. Could you take a look at the WFLY JIRA (as I am
at an airport and will take time to dig the issue)?
Vault can be used for any sensitive data.
On Apr 14, 2014, at 12:51 PM, Bruno Oliveira
<bruno(a)abstractj.org> wrote:
Good morning, I would like to know if Vaults from PicketBox are specific
for datasources or any kind of sensitive data. I would like to store a
key material, used for encryption and not sure if this is the correct
configuration for it:
- standalone.xml
<system-properties>
<property name="key-material"
value="${VAULT::ds_SecurityVaultDS::password::2DyuLAae8wP.pSsrT/gGhn}"/>
</system-properties>
<vault>
<vault-option name="KEYSTORE_URL"
value="/servers/wildfly-current/vault/vault.keystore"/>
<vault-option name="KEYSTORE_PASSWORD"
value="MASK-2DyuLAae8wP.pSsrT/gGhn"/>
<vault-option name="KEYSTORE_ALIAS" value="vault"/>
<vault-option name="SALT" value="2bzeScxo"/>
<vault-option name="ITERATION_COUNT" value="16"/>
<vault-option name="ENC_FILE_DIR"
value="/servers/wildfly-current/vault/"/>
</vault>
This is the stack trace when Wildfly is initialized:
https://gist.github.com/abstractj/4542c7cf1aa8a36ebad9. I would
appreciate any pointers to the documentation.
--
abstractj
_______________________________________________
security-dev mailing list
security-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/security-dev