[jboss-jira] [JBoss JIRA] (SECURITY-674) allow overriding "secret" private key in SecureIdentityLoginModule
Anil Saldhana (JIRA)
jira-events at lists.jboss.org
Tue Jul 31 11:02:07 EDT 2012
[ https://issues.jboss.org/browse/SECURITY-674?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Anil Saldhana reassigned SECURITY-674:
--------------------------------------
Assignee: Stefan Guilhen (was: Anil Saldhana)
> allow overriding "secret" private key in SecureIdentityLoginModule
> ------------------------------------------------------------------
>
> Key: SECURITY-674
> URL: https://issues.jboss.org/browse/SECURITY-674
> Project: PicketBox (JBoss Security and Identity Management)
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Affects Versions: PicketBox_v4_0_7
> Reporter: Radai Rosenblatt
> Assignee: Stefan Guilhen
>
> SecureIdentityLoginModule uses a private key (a string) in its encode() and decode() methods.
> now, this being open source, said key isnt very private :-)
> it'd be very nice if i could somehow override this magic string at runtime - a system property (or any more secure way you can come up with)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list