[jboss-jira] [JBoss JIRA] Updated: (JBAS-2895) Extend SecureIdentityLoginModule to externalize the secret
Dimitris Andreadis (JIRA)
jira-events at jboss.com
Mon Sep 11 04:44:43 EDT 2006
[ http://jira.jboss.com/jira/browse/JBAS-2895?page=all ]
Dimitris Andreadis updated JBAS-2895:
-------------------------------------
Fix Version/s: JBossAS-4.0.6.CR1
(was: JBossAS-4.0.5.GA)
> Extend SecureIdentityLoginModule to externalize the secret
> ----------------------------------------------------------
>
> Key: JBAS-2895
> URL: http://jira.jboss.com/jira/browse/JBAS-2895
> Project: JBoss Application Server
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: JCA service, Security
> Affects Versions: JBossAS-4.0.3 SP1, JBossAS-3.2.8 Final
> Reporter: Scott M Stark
> Assigned To: Scott M Stark
> Fix For: JBossAS-4.0.6.CR1
>
>
> The SecureIdentityLoginModule is a simple security by obscurity approach to hiding the jca password. Having the secret used by the PBE externalized with an ability to hash it reversibly would make this more flexible.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list