1 2 Previous Next 17 Replies Latest reply: Feb 8, 2011 1:21 PM by Anil Saldhana Go to original post RSS
      • 15. AS7 Property File Based Login Modules
        Jason Greene Master

        Scott Stark wrote:

         

        An adminstrator should be able to specify or override an application specific security domain setting. If needed, it could be a domain property to ignore security domain settings from applications, but it certainly is an ease of use feature to allow them.

         

        Can we have a properties element in the security domain schema that can allow for the properties files information to be provide?

        Yes I agree that if we support application provided security domains, that there needs to be a flag that must be set to allow them.

         

        We should also support property value obfuscation based on some domain server key in general for properties. Is that a notion we have in the domain model?

         

        We have support for expressions, so they could be extended to allow for this.

        • 16. AS7 Property File Based Login Modules
          Jason Greene Master

          Note that it may well be worth having a basic user password management mechanism in domain.xml to replace the old properties file approach. However, if we do obfucryption the user would still have to get the key on every box.

          • 17. AS7 Property File Based Login Modules
            Anil Saldhana Master

            Password based encryption is lower in trust pyramid - does not require keys but is able to mask passwords which works for most deployments. So if this PBE approach can be taken to mask the password.

            1 2 Previous Next