Details
-
New Feature
-
Status: Closed
-
Major
-
Resolution: Fixed
-
core-1.0.0
-
None
Description
At the moment, the SQL OS does not encode the Isis Password value type password values when writing to the database.
This enhancement implements a simple encoding / decoding system that allows the Isis Password value type to be stored in a simply encoded value in the database table, while remaining in plain text when in memory.
The conversion is done by the database layer when storing (encoding) and retrieving (decoding) values.
Enable by adding the following to the isis.properties:
isis.persistor.sql.password.seed=<some random text>
isis.persistor.sql.password.length=<length of encoded string>
All strings will be stored in the database field as strings of length "isis.persistor.sql.password.length", which defaults to 120.
If isis.persistor.sql.password.seed is undefined (null), the default behaviour (of not encoding the string) will apply.
The "isis.persistor.sql.password.seed" is a custom value that is used to encode the password.
NOTE: This is not secure nor unbreakable, it just prevents a casual observer of your database from being able to read your stored passwords.