[security-dev] Vault to store sensitive data
Stefan Guilhen
sguilhen at redhat.com
Mon Apr 14 16:15:47 EDT 2014
I believe this is the jira Anil is talking about
https://issues.jboss.org/browse/WFLY-1904 - its been fixed for WF
8.0.0.CR1.
On 04/14/2014 03:43 PM, Anil Saldhana wrote:
> The system properties functionality in WildFly may not be ready to take vault expressions. I remember seeing a JIRA issue for that. Could you take a look at the WFLY JIRA (as I am at an airport and will take time to dig the issue)?
>
> Vault can be used for any sensitive data.
>
>> On Apr 14, 2014, at 12:51 PM, Bruno Oliveira <bruno at abstractj.org> wrote:
>>
>> Good morning, I would like to know if Vaults from PicketBox are specific
>> for datasources or any kind of sensitive data. I would like to store a
>> key material, used for encryption and not sure if this is the correct
>> configuration for it:
>>
>> - standalone.xml
>>
>> <system-properties>
>> <property name="key-material"
>> value="${VAULT::ds_SecurityVaultDS::password::2DyuLAae8wP.pSsrT/gGhn}"/>
>> </system-properties>
>>
>>
>> <vault>
>> <vault-option name="KEYSTORE_URL"
>> value="/servers/wildfly-current/vault/vault.keystore"/>
>> <vault-option name="KEYSTORE_PASSWORD"
>> value="MASK-2DyuLAae8wP.pSsrT/gGhn"/>
>> <vault-option name="KEYSTORE_ALIAS" value="vault"/>
>> <vault-option name="SALT" value="2bzeScxo"/>
>> <vault-option name="ITERATION_COUNT" value="16"/>
>> <vault-option name="ENC_FILE_DIR"
>> value="/servers/wildfly-current/vault/"/>
>> </vault>
>>
>> This is the stack trace when Wildfly is initialized:
>> https://gist.github.com/abstractj/4542c7cf1aa8a36ebad9. I would
>> appreciate any pointers to the documentation.
>>
>> --
>> abstractj
>>
>>
>> _______________________________________________
>> security-dev mailing list
>> security-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/security-dev
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
More information about the security-dev
mailing list