Bug 1021819

Summary: AUTH and ENCRYPT protocols configured with plain text passwords
Product: [JBoss] JBoss Data Grid 6 Reporter: Martin Gencur <mgencur>
Component: DocumentationAssignee: gsheldon
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.2.0CC: bban, jdg-bugs, mhusnain, mjc, pslavice, sjacobs, ttarrant, vjuranek
Target Milestone: GA   
Target Release: 6.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-01-27 23:44:12 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1172038    
Bug Blocks:    

Description Martin Gencur 2013-10-22 07:23:24 UTC
See description in the JIRA bug.

Comment 2 JBoss JIRA Server 2013-10-23 13:37:33 UTC
Bela Ban <bela> made a comment on jira JGRP-1721

All passwords can be set *programmatically* instead of via XML config files. When JGroups {{AUTH}} and {{ENCRYPT}} are run within EAP, I envisage that credentials, passwords, usernames etc are injected into the JGroups subsystem by EAP.

Is this still an issue ?

Comment 3 JBoss JIRA Server 2013-10-24 21:29:56 UTC
David Jorm <djorm> made a comment on jira JGRP-1721

Usage of vault is a mandatory security feature where applicable, i.e. in XML config files for a component that will run on WildFly/EAP. When passwords are set programmatically by the user, or via another mechanism, then it is not applicable.

Comment 4 JBoss JIRA Server 2013-10-29 14:32:23 UTC
Tristan Tarrant <ttarrant> made a comment on jira JGRP-1721

Protocol property values in the jgroups subsystem support expressions, and therefore transitively support ${VAULT::...}  expansion

Comment 5 JBoss JIRA Server 2014-03-28 07:46:21 UTC
Bela Ban <bela> updated the status of jira JGRP-1721 to Resolved

Comment 6 gsheldon 2014-12-04 03:04:38 UTC
Adding Needinfo for Tristan.

Tristan, can you direct me to the programmatic configuration for keystore name and password? Is that all that is required to resolve this issue in documentation?

Thanks,

Gemma.

Comment 19 Vojtech Juranek 2015-01-09 08:50:03 UTC
Hi Gemma,
looks good to me, thanks!
Vojta