[JBPAPP-5578] Add options to retrieve keys and certificates from JaasSecurityDomain - JBoss Issue Tracker

XML

Word

Printable

Details

Type: Feature Request
Status: Closed (View Workflow)
Priority: Major
Resolution: Done
Affects Version/s: EAP_EWP 5.1.0
Fix Version/s: EAP_EWP 5.1.1
Component/s: Security
Labels:
None

Release Notes Text:

Hide
Exposing the keystore or truststore password in JaasSecurityDomain is insecure. Two options have been added to retrieve private keys and certificates directly from the JSD, so that they can be used by external components. These methods are <code>getKey</code> and <code>getCertificate</code>. The <code>getKey</code> method requires you to provide a security token.

Show
Exposing the keystore or truststore password in JaasSecurityDomain is insecure. Two options have been added to retrieve private keys and certificates directly from the JSD, so that they can be used by external components. These methods are <code>getKey</code> and <code>getCertificate</code>. The <code>getKey</code> method requires you to provide a security token.
Release Notes Docs Status:
Documented as Resolved Issue

Description

Since we don't want to expose the keystore/truststore password in JaasSecurityDomain we need to add options to retrieve private keys and certificates directly from the JSD so they can be used by external components.

Gliffy Diagrams

Attachments

Issue Links

cloned to

JBPAPP-5848 Document - Add options to retrieve keys and certificates from JaasSecurityDomain

Closed

JBPAPP-5882 Document - Add options to retrieve keys and certificates from JaasSecurityDomain

Closed

Activity

People

Assignee:

Marcus Moyses

Reporter:

Marcus Moyses

Writer:

Misty Stanley-Jones

Votes:

0 Vote for this issue

Watchers:

0 Start watching this issue

Dates

Created:

12/Dec/10 10:48 AM

Updated:

21/Apr/11 9:29 AM

Resolved:

12/Dec/10 10:52 AM