[jboss-jira] [JBoss JIRA] (SECURITY-674) allow overriding "secret" private key in SecureIdentityLoginModule
Radai Rosenblatt (JIRA)
jira-events at lists.jboss.org
Wed Jul 25 05:12:08 EDT 2012
Radai Rosenblatt created SECURITY-674:
-----------------------------------------
Summary: allow overriding "secret" private key in SecureIdentityLoginModule
Key: SECURITY-674
URL: https://issues.jboss.org/browse/SECURITY-674
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Feature Request
Security Level: Public (Everyone can see)
Affects Versions: PicketBox_v4_0_7
Reporter: Radai Rosenblatt
Assignee: Anil Saldhana
SecureIdentityLoginModule uses a private key (a string) in its encode() and decode() methods.
now, this being open source, said key as very private :-)
it'd be very nice if i could somehow override this magic string at runtime - a system property (or any more secure way you can come up with)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list