Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-3895

add support for Jetty's password obfuscation methods

    XMLWordPrintableJSON

    Details

    • Estimated Complexity:
      Unknown

      Description

      For SSL connectors, the Jetty configuration allows definition of keystore and truststore passwords in a obfuscated fashion. See http://wiki.eclipse.org/Jetty/Howto/Secure_Passwords for details. Currently this does not work when using the Spring based configuration for jetty, i.e. using for example this

      <sec:keyStore type="JKS" password="OBF:1sot1v961saj1v9i1v941sar1v9g1sox" file="conf/keystore" />

      will lead to an exception on startup, which is identical to those that come up when an invalid keystore password is provided.

      My guess is, that the "OBF:" prefix is not detected by the configuration hook, and therefore the provided password string is used as-is. (But I am just guessing here...)

        Attachments

          Activity

            People

            • Assignee:
              dkulp Daniel Kulp
              Reporter:
              m_hess Michael Heß
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: