Bug 780576 (SOA-3012)

Summary: Allow for pluggable password encryption/decryption mechanism for FilePassword in esb
Product: [JBoss] JBoss Enterprise SOA Platform 5 Reporter: Matt Davis <mattd>
Component: JBossESBAssignee: tcunning
Status: CLOSED NEXTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: 5.0.2, 5.1.0 GACC: jolee, kejohnso, rwagner
Target Milestone: ---   
Target Release: 5.2.0.ER6   
Hardware: Unspecified   
OS: Unspecified   
URL: http://jira.jboss.org/jira/browse/SOA-3012
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-11-15 09:24:50 UTC Type: Feature Request
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Matt Davis 2011-04-06 20:31:23 UTC 
Affects: Release Notes
Help Desk Ticket Reference: https://c.na7.visual.force.com/apex/Case_View?id=500A0000004q5qs&sfdc.override=1
project_key: SOA

The customer would like the ability to plugin their own encryption implementation for FilePassword. This would be similar to how the FilePassword mechanism works in the JaasSecurityDomain mbean, but using their own pluggable password encryption mechanism. For instance, in the jbossesb-properties, they would like to specify <property name="org.jboss.soa.esb.services.security.publicKeystorePassword" value="testKeystorePassword"/> using their own plugin implementation. Currently the implementation is hard coded and not pluggable.
Comment 1 Matt Davis 2011-04-06 20:32:06 UTC 
Link: Added: This issue is related to JBESB-3555
Comment 2 Rick Wagner 2011-07-26 18:30:47 UTC 
Per DOC-53797:

"The goal of this process is  to provide a quick and clear response to the customer - we should respond to the request withing two weeks. The response has to be unambgious - if we have rejected the enhancement a reason needs to be provided; if it is accepted then a release version has to be commited to."

Ken, can we please make a decision on this ASAP?
Comment 5 Rick Wagner 2011-10-25 13:46:41 UTC 
Discussed in SOA PM meeting 10/25/2011.  Will try to put this into 5.2.  We will need to tell the customer about the change through the ticket, need to add to doc next cycle.
Comment 6 Anne-Louise Tangring 2011-10-25 13:47:18 UTC 
We will allow this into the release. Low risk.
Comment 7 Anne-Louise Tangring 2011-10-25 13:47:18 UTC 
Release Notes Docs Status: Added: Not Yet Documented
Affects: Added: Release Notes
Comment 8 tcunning 2011-10-26 05:13:38 UTC 
Patch committed for ER6.
Comment 9 tcunning 2011-10-26 23:14:07 UTC 
Link: Added: This issue relates to JBESB-3704
Comment 10 David Le Sage 2011-11-09 02:57:32 UTC 
Release Notes Docs Status: Removed: Not Yet Documented Added: Documented as Resolved Issue
Writer: Added: dlesage
Release Notes Text: Added: https://issues.jboss.org/browse/SOA-3012

There is now a pluggable password encryption/decryption mechanism  for the ESB's FilePassword.  This is similar to how the FilePassword mechanism works in the JaasSecurityDomain mbean, but you can uses your own pluggable password encryption mechanism. For instance, in the jbossesb-properties, you can specify property name="org.jboss.soa.esb.services.security.publicKeystorePassword" value="testKeystorePassword" using your plugin implementation. This improves on the old implementation which was hard-coded and not pluggable.
Comment 11 Jiri Pechanec 2011-11-15 09:24:50 UTC 
Verified in ER6