[GLASSFISH-19203] Password Aliasing

Created: 22/Oct/12
Updated: 19/Mar/13

Status: Open
Project: glassfish
Component/s: security
Affects Version/s: 4.0
Fix Version/s: future release

Type: New Feature
Priority: Major
Reporter: JeffTancill
Assignee: JeffTancill
Resolution: Unresolved
Votes: 0
Labels: None
Remaining Estimate: 6 weeks
Time Spent: Not Specified
Original Estimate: 6 weeks

Tags: ee7platspec


Best practices and common enterprise security policies dictate that we not store any passwords in cleartext on the filesystem. There are a number of places where passwords are required: in configuration, in annotations and possibly even in application code.
Password aliasing, or indirection, is a mechanism for storing and referencing a moniker or token instead of an actual cleartext password. Resolving the token into the actual password for use at runtime is a protected operation, available only to trusted code.
In order to support this in a portable way, Java EE 7 is standardizing a number of aspects of the solution. At the same time, the standard will not dictate the runtime implementation details for this support.

See http://java.net/downloads/javaee-spec/password-aliasing-ee7-proposal.pdf
