Bug 1021819 - AUTH and ENCRYPT protocols configured with plain text passwords
AUTH and ENCRYPT protocols configured with plain text passwords
Product: JBoss Data Grid 6
Classification: JBoss
Component: Documentation (Show other bugs)
Unspecified Unspecified
unspecified Severity high
: GA
: 6.4.0
Assigned To: gsheldon
Depends On: 1172038
  Show dependency treegraph
Reported: 2013-10-22 03:23 EDT by Martin Gencur
Modified: 2015-01-27 18:44 EST (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2015-01-27 18:44:12 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
JBoss Issue Tracker JGRP-1721 Major Resolved AUTH and ENCRYPT protocols configured with plain text passwords 2014-04-29 09:36:21 EDT

  None (edit)
Description Martin Gencur 2013-10-22 03:23:24 EDT
See description in the JIRA bug.
Comment 2 JBoss JIRA Server 2013-10-23 09:37:33 EDT
Bela Ban <bela@jboss.com> made a comment on jira JGRP-1721

All passwords can be set *programmatically* instead of via XML config files. When JGroups {{AUTH}} and {{ENCRYPT}} are run within EAP, I envisage that credentials, passwords, usernames etc are injected into the JGroups subsystem by EAP.

Is this still an issue ?
Comment 3 JBoss JIRA Server 2013-10-24 17:29:56 EDT
David Jorm <djorm@redhat.com> made a comment on jira JGRP-1721

Usage of vault is a mandatory security feature where applicable, i.e. in XML config files for a component that will run on WildFly/EAP. When passwords are set programmatically by the user, or via another mechanism, then it is not applicable.
Comment 4 JBoss JIRA Server 2013-10-29 10:32:23 EDT
Tristan Tarrant <ttarrant@redhat.com> made a comment on jira JGRP-1721

Protocol property values in the jgroups subsystem support expressions, and therefore transitively support ${VAULT::...}  expansion
Comment 5 JBoss JIRA Server 2014-03-28 03:46:21 EDT
Bela Ban <bela@jboss.com> updated the status of jira JGRP-1721 to Resolved
Comment 6 gsheldon 2014-12-03 22:04:38 EST
Adding Needinfo for Tristan.

Tristan, can you direct me to the programmatic configuration for keystore name and password? Is that all that is required to resolve this issue in documentation?


Comment 19 Vojtech Juranek 2015-01-09 03:50:03 EST
Hi Gemma,
looks good to me, thanks!

Note You need to log in before you can comment on or make changes to this bug.