Bug 780576 - (SOA-3012) Allow for pluggable password encryption/decryption mechanism for FilePassword in esb
Allow for pluggable password encryption/decryption mechanism for FilePassword...
Status: CLOSED NEXTRELEASE
Product: JBoss Enterprise SOA Platform 5
Classification: JBoss
Component: JBossESB (Show other bugs)
5.0.2,5.1.0 GA
Unspecified Unspecified
high Severity high
: ---
: 5.2.0.ER6
Assigned To: tcunning
http://jira.jboss.org/jira/browse/SOA...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2011-04-06 16:31 EDT by Matt Davis
Modified: 2011-11-15 04:24 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-11-15 04:24:50 EST
Type: Feature Request
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
JBoss Issue Tracker JBESB-3704 Minor Closed pluggable password mechanism under AS4 2013-06-25 11:50:00 EDT
JBoss Issue Tracker SOA-3012 Major Closed Allow for pluggable password encryption/decryption mechanism for FilePassword in esb 2013-06-25 11:50:00 EDT

  None (edit)
Description Matt Davis 2011-04-06 16:31:23 EDT
Affects: Release Notes
Help Desk Ticket Reference: https://c.na7.visual.force.com/apex/Case_View?id=500A0000004q5qs&sfdc.override=1
project_key: SOA

The customer would like the ability to plugin their own encryption implementation for FilePassword. This would be similar to how the FilePassword mechanism works in the JaasSecurityDomain mbean, but using their own pluggable password encryption mechanism. For instance, in the jbossesb-properties, they would like to specify <property name="org.jboss.soa.esb.services.security.publicKeystorePassword" value="testKeystorePassword"/> using their own plugin implementation. Currently the implementation is hard coded and not pluggable.
Comment 1 Matt Davis 2011-04-06 16:32:06 EDT
Link: Added: This issue is related to JBESB-3555
Comment 2 Rick Wagner 2011-07-26 14:30:47 EDT
Per DOC-53797:

"The goal of this process is  to provide a quick and clear response to the customer - we should respond to the request withing two weeks. The response has to be unambgious - if we have rejected the enhancement a reason needs to be provided; if it is accepted then a release version has to be commited to."

Ken, can we please make a decision on this ASAP?  
Comment 5 Rick Wagner 2011-10-25 09:46:41 EDT
Discussed in SOA PM meeting 10/25/2011.  Will try to put this into 5.2.  We will need to tell the customer about the change through the ticket, need to add to doc next cycle.
Comment 6 Anne-Louise Tangring 2011-10-25 09:47:18 EDT
We will allow this into the release. Low risk. 
Comment 7 Anne-Louise Tangring 2011-10-25 09:47:18 EDT
Release Notes Docs Status: Added: Not Yet Documented
Affects: Added: Release Notes
Comment 8 tcunning 2011-10-26 01:13:38 EDT
Patch committed for ER6.
Comment 9 tcunning 2011-10-26 19:14:07 EDT
Link: Added: This issue relates to JBESB-3704
Comment 10 David Le Sage 2011-11-08 21:57:32 EST
Release Notes Docs Status: Removed: Not Yet Documented Added: Documented as Resolved Issue
Writer: Added: dlesage
Release Notes Text: Added: https://issues.jboss.org/browse/SOA-3012

There is now a pluggable password encryption/decryption mechanism  for the ESB's FilePassword.  This is similar to how the FilePassword mechanism works in the JaasSecurityDomain mbean, but you can uses your own pluggable password encryption mechanism. For instance, in the jbossesb-properties, you can specify property name="org.jboss.soa.esb.services.security.publicKeystorePassword" value="testKeystorePassword" using your plugin implementation. This improves on the old implementation which was hard-coded and not pluggable.
Comment 11 Jiri Pechanec 2011-11-15 04:24:50 EST
Verified in ER6

Note You need to log in before you can comment on or make changes to this bug.