Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-3811

JASPA: Move the encrypted password out to a separate file, along with the key

    XMLWordPrintable

    Details

      Description

      A meeting with Neil, Guillaume, Nick and Tony decided that the security of the Agents could be increased by moving the password out into a separate file (i.e. out of bootstrap properties).

      The reasoning behind this is that customers may want to place files like bootstrap properties into a git repo at which point the passwords become fairly public knowledge.

      The Java Agent has a separate problem of where to put the key used to obfuscate the password.  I would suggest this is placed in yet another file.

      It was also suggested that the Agent be able to pick up passwords from the environment.  Although this was deemed to be not the most secure approach, some customers may wish to persue it.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              tony.bamford Tony Bamford
              Reporter:
              tony.bamford Tony Bamford
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: