Bug 780285 (SOA-2688) - Encrypted passwords in jbossesb-properties.xml in SOA-P 4.x and 5.x
Summary: Encrypted passwords in jbossesb-properties.xml in SOA-P 4.x and 5.x
Keywords:
Status: NEW
Alias: SOA-2688
Product: JBoss Enterprise SOA Platform 4
Classification: JBoss
Component: JBossESB
Version: 4.3 CP02
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: FUTURE
Assignee: tcunning
QA Contact:
URL: http://jira.jboss.org/jira/browse/SOA...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-12-15 21:29 UTC by Roger Hui
Modified: 2021-07-01 12:48 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Feature Request

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker SOA-2688 0 None None None Never

Description Roger Hui 2010-12-15 21:29:12 UTC 
Help Desk Ticket Reference: https://c.na7.visual.force.com/apex/Case_View?id=500A0000004UFLs&sfdc.override=1
project_key: SOA

There is a security requirement to encrypt all passwords in EAP. However, passwords in jbossesb-properties.xml is not.
Comment 2 Kevin Conner 2010-12-16 05:14:03 UTC 
It should already be possible to encrypt the passwords in jbossesb-properties.xml, can you give us an example of where you think this fails?
Comment 3 Roger Hui 2010-12-16 17:04:13 UTC 
Three passwords in jboss-esb.properties that are not encyptable today:

<property name="org.jboss.soa.esb.registry.password" 
<property name="org.jboss.soa.esb.mail.smtp.password" value=""/>
<property name="org.jboss.soa.esb.persistence.db.pwd"
Comment 4 Kevin Conner 2010-12-16 17:42:20 UTC 
The only one of these three which cannot be encrypted is the SMTP one.
Note You need to log in before you can comment on or make changes to this bug.