Fórumok
Official support for storing the jdbc.default.password encrypted
Kevin Kocher, módosítva 11 év-val korábban
Official support for storing the jdbc.default.password encrypted
New Member Bejegyzések: 7 Csatlakozás dátuma: 2012.10.30. Legújabb bejegyzések
Not sure if I'm doing this correctly, but in reference to this thread:
http://www.liferay.com/community/forums/-/message_boards/view_message/12080537#_19_message_12080076
Either something in Liferay that officially supports storing the DB password encrypted in the portal-ext.properties file, or at least a callout that would allow me to decrypt the value and send it back during startup.
We have client requirements that absolutely will never allow plaintxt passwords stored on disk no matter what the file permissions are.
Thanks for your consideration.
http://www.liferay.com/community/forums/-/message_boards/view_message/12080537#_19_message_12080076
Either something in Liferay that officially supports storing the DB password encrypted in the portal-ext.properties file, or at least a callout that would allow me to decrypt the value and send it back during startup.
We have client requirements that absolutely will never allow plaintxt passwords stored on disk no matter what the file permissions are.
Thanks for your consideration.
Jorge Ferrer, módosítva 11 év-val korábban
RE: Official support for storing the jdbc.default.password encrypted
Liferay Legend Bejegyzések: 2871 Csatlakozás dátuma: 2006.08.31. Legújabb bejegyzések
Hi Kevin,
We've considered adding this in the past, but we ended up concluding that when this type of security is needed, you should use a DataSource and most app servers already have support for encryption of passwords. If we implemented it for portal.properties it would be yet another key to keep and distribute.
Makes sense?
We've considered adding this in the past, but we ended up concluding that when this type of security is needed, you should use a DataSource and most app servers already have support for encryption of passwords. If we implemented it for portal.properties it would be yet another key to keep and distribute.
Makes sense?
Hitoshi Ozawa, módosítva 11 év-val korábban
RE: Official support for storing the jdbc.default.password encrypted
Liferay Legend Bejegyzések: 7942 Csatlakozás dátuma: 2010.03.24. Legújabb bejegyzések
I agree with Jorge on this. Just use datasource to define database connection informaiton and encrypt password there.
JBoss:
https://community.jboss.org/wiki/JBossAS7SecuringPasswords
Tomcat:
http://stackoverflow.com/questions/129160/how-to-avoid-storing-passwords-in-the-clear-for-tomcats-server-xml-resource-def
JBoss:
https://community.jboss.org/wiki/JBossAS7SecuringPasswords
Tomcat:
http://stackoverflow.com/questions/129160/how-to-avoid-storing-passwords-in-the-clear-for-tomcats-server-xml-resource-def
Kevin Kocher, módosítva 11 év-val korábban
RE: Official support for storing the jdbc.default.password encrypted
New Member Bejegyzések: 7 Csatlakozás dátuma: 2012.10.30. Legújabb bejegyzések
Great, I will take a look at that information. It's a feature I wasn't aware of.
Thank you both for the explanation on this.
Thank you both for the explanation on this.