[security-dev] Vault to store sensitive data

Bruno Oliveira bruno at abstractj.org
Mon Apr 14 15:52:52 EDT 2014 

Sure, np. Thank you Anil


On Mon, Apr 14, 2014 at 3:43 PM, Anil Saldhana <asaldhan at redhat.com> wrote:

> The system properties functionality in WildFly may not be ready to take
> vault expressions. I remember seeing a JIRA issue for that. Could you take
> a look at the WFLY JIRA (as I am at an airport and will take time to dig
> the issue)?
>
> Vault can be used for any sensitive data.
>
> > On Apr 14, 2014, at 12:51 PM, Bruno Oliveira <bruno at abstractj.org>
> wrote:
> >
> > Good morning, I would like to know if Vaults from PicketBox are specific
> > for datasources or any kind of sensitive data. I would like to store a
> > key material, used for encryption and not sure if this is the correct
> > configuration for it:
> >
> > - standalone.xml
> >
> >   <system-properties>
> >       <property name="key-material"
> > value="${VAULT::ds_SecurityVaultDS::password::2DyuLAae8wP.pSsrT/gGhn}"/>
> >    </system-properties>
> >
> >
> >   <vault>
> >        <vault-option name="KEYSTORE_URL"
> > value="/servers/wildfly-current/vault/vault.keystore"/>
> >        <vault-option name="KEYSTORE_PASSWORD"
> > value="MASK-2DyuLAae8wP.pSsrT/gGhn"/>
> >        <vault-option name="KEYSTORE_ALIAS" value="vault"/>
> >        <vault-option name="SALT" value="2bzeScxo"/>
> >        <vault-option name="ITERATION_COUNT" value="16"/>
> >        <vault-option name="ENC_FILE_DIR"
> > value="/servers/wildfly-current/vault/"/>
> >    </vault>
> >
> > This is the stack trace when Wildfly is initialized:
> > https://gist.github.com/abstractj/4542c7cf1aa8a36ebad9. I would
> > appreciate any pointers to the documentation.
> >
> > --
> > abstractj
> >
> >
> > _______________________________________________
> > security-dev mailing list
> > security-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/security-dev
>



-- 

-- 
"The measure of a man is what he does with power" - Plato
-
@abstractj
-
Volenti Nihil Difficile
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/security-dev/attachments/20140414/0041e5fe/attachment.html

More information about the security-dev mailing list