Uploaded image for project: 'Cloud Enablement'
  1. Cloud Enablement
  2. CLOUD-2758

[EAP] Update jgroups AUTH and SYM_ENCRYPT to use non deprecated configurations

    XMLWordPrintable

Details

    Description

      See pferraro's comments here: https://issues.jboss.org/browse/CLOUD-2417

      "The shared secret used by AUTH is specified as an elytron credential reference, and the token can use any digest algorithm (not just MD5 and SHA-1).
      e.g.
      <protocol type="AUTH">
      <digest-token algorithm="SHA-512"><!-- default is SHA-256 -->
      <shared-secret-reference clear-text="bLogGimU"/><!-- or use a credential store -->
      </digest-token>
      </protocol>

      Additionally, SYM_ENCRYPT should reference a elytron managed key store; the key entry password is specified as an elytron credential reference.
      <protocol type="SYM_ENCRYPT" key-store="jgroups" key-alias="secret"><!-- references /subsystem=elytron/keystore=jgroups -->
      <key-credential-reference clear-text="bLogGimU"/><!-- or use a credential store -->
      <property name="encrypt_entire_message">true</property>
      </protocol>
      "

      Attachments

        Issue Links

          incorporates

          Enhancement - An enhancement to or refactoring of existing functionality that is not configurable by an end user (typically a change made by an internal team that affects users) CLOUD-2942 EAP CD 14 Release

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is related to

          Bug - A problem that impairs or prevents the functions of the product. CLOUD-2844 jgroups warning "encrypt_entire_message has been deprecated"

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • New

          Enhancement - An enhancement to or refactoring of existing functionality that is not configurable by an end user (typically a change made by an internal team that affects users) CLOUD-2437 [RH-SSO] Introduce the ability to set JGroups protocol type to ASYM_ENCRYPT

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              kwills@redhat.com Ken Wills
              kwills@redhat.com Ken Wills
              Stanislav Kaleta Stanislav Kaleta (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: