[jboss-jira] [JBoss JIRA] (SECURITY-543) Simplify / Centralise Datasource Password Encryption
Darran Lofthouse (JIRA)
issues at jboss.org
Mon Jun 13 09:47:01 EDT 2016
[ https://issues.jboss.org/browse/SECURITY-543?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse resolved SECURITY-543.
---------------------------------------
Fix Version/s: 2.0.3.Beta2
Resolution: Out of Date
> Simplify / Centralise Datasource Password Encryption
> ----------------------------------------------------
>
> Key: SECURITY-543
> URL: https://issues.jboss.org/browse/SECURITY-543
> Project: PicketBox
> Issue Type: Feature Request
> Components: PicketBox
> Reporter: Darran Lofthouse
> Assignee: Stefan Guilhen
> Fix For: 2.0.3.Beta2
>
>
> Where the datasource passwords differ the current approach to encrypt a datasource password requires a one to one mapping between the datasource and the security domain, for deployments with a large number of datasources this means an equal number of security domains also need to be defined.
> This feature request is to review the options available to simplify this mapping between the datasource configuration and the domain to decrypt the password.
> One suggestion is to store the encrypted for of the password with the datasource and use only a single security domain to decrypt all passwords.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list