3 Replies Latest reply on Dec 5, 2004 10:11 PM by starksm64

    Securing Encryption Keys.

    cfrostrun

      is there a way for jboss to prompt the user for input during the app server startup process? via a jmx mbean?

      i'd like some thoughts around this.

      i'd like to pass in the username/password for a keystore to get some encryption keys. i want it to be entered in as standard input through a command shell for security reasons.

      thanks for any thoughts,

      c

        • 1. Re: Securing Encryption Keys.
          starksm64
          • 2. Re: Securing Encryption Keys.
            cfrostrun

            Scott,

            i believe this is what i'm looking for, but i'm not quite sure what/where to implement, and what file configurations (conf/xml's) will need to be made for the implementation. can you provide any other pointers?

            thanks,

            c

            • 3. Re: Securing Encryption Keys.
              starksm64

              Check out the testsuite in the source download. It has examples of using the JaasSecurityDomain for encryption in the src/resources/security dir:

              <?xml version="1.0" encoding="UTF-8"?>

              <server>
                 <!-- Test a plaintext password -->
                 <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
                    name="jboss.security:service=JaasSecurityDomain,domain=encode-decode">
                    <constructor>
                       <arg type="java.lang.String" value="encode-decode"/>
                    </constructor>
                    <attribute name="KeyStorePass">unit-tests</attribute>
                    <attribute name="Salt">abcdefgh</attribute>
                    <attribute name="IterationCount">13</attribute>
                 </mbean>

                 <!-- Test a password obtained from a class using a tmp file -->
                 <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
                    name="jboss.security:service=JaasSecurityDomain,domain=testTmpFilePassword">
                    <constructor>
                       <arg type="java.lang.String" value="testTmpFilePassword"/>
                    </constructor>
                    <attribute name="KeyStorePass">{CLASS}org.jboss.security.plugins.TmpFilePassword:${java.io.tmpdir}/tmp.password</attribute>
                    <attribute name="Salt">abcdefgh</attribute>
                    <attribute name="IterationCount">13</attribute>
                 </mbean>

                 <!-- Test a password obtained from a class using an opaqued file -->
                 <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
                    name="jboss.security:service=JaasSecurityDomain,domain=testFilePassword">
                    <constructor>
                       <arg type="java.lang.String" value="testFilePassword"/>
                    </constructor>
                    <attribute name="KeyStorePass">{CLASS}org.jboss.security.plugins.FilePassword:${java.io.tmpdir}/tst.password</attribute>
                    <attribute name="Salt">abcdefgh</attribute>
                    <attribute name="IterationCount">13</attribute>
                 </mbean>

              </server>
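
The `{CLASS}` form of `KeyStorePass` shown in the descriptor above can, in principle, point at a class that prompts on the server's console, which is what the original question asks for. The following is an added example, not part of the thread or of JBoss: `ConsolePassword` is a hypothetical class, and it assumes that JaasSecurityDomain passes the text after the colon to a `String` constructor and obtains the password by calling `toCharArray()`, which should be checked against the JBoss version in use.

```java
import java.io.Console;
import java.util.Arrays;

/**
 * Added example (hypothetical class, not part of JBoss).
 * Assumed descriptor usage:
 *   <attribute name="KeyStorePass">{CLASS}ConsolePassword:keystore</attribute>
 * Assumption: the text after ':' is handed to the (String) constructor and
 * the password is then read through toCharArray().
 */
public class ConsolePassword {
    private final String label;
    private char[] cached; // prompt only once per instance

    public ConsolePassword(String label) {
        this.label = label;
    }

    public synchronized char[] toCharArray() {
        if (cached == null) {
            Console console = System.console();
            if (console == null) {
                // Started as a service or with redirected stdin: fail closed
                // instead of falling back to an echoing or default source.
                throw new IllegalStateException(
                    "No interactive console; cannot prompt for " + label + " password");
            }
            // readPassword() disables echo and returns null on end of input.
            char[] entered = console.readPassword("Enter %s password: ", label);
            if (entered == null || entered.length == 0) {
                throw new IllegalStateException("Empty " + label + " password");
            }
            cached = entered;
        }
        return cached.clone(); // caller can wipe its own copy
    }

    /** Overwrite the cached password once it is no longer needed. */
    public synchronized void clear() {
        if (cached != null) {
            Arrays.fill(cached, '\0');
            cached = null;
        }
    }

    // Stand-alone check outside the application server.
    public static void main(String[] args) {
        ConsolePassword p = new ConsolePassword("keystore");
        char[] pw = p.toCharArray();
        System.out.println("Read " + pw.length + " characters");
        Arrays.fill(pw, '\0');
        p.clear();
    }
}
```

A server launched without an attached terminal has no console, so this class makes startup fail rather than continue without the keystore password.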