<div class="docbook"><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="Java-Broker-Security-Configuration-Encryption"></a>8.5. Configuration Encryption</h2></div></div></div><p> The Broker is capable of encrypting passwords and other security items stored in the
Broker's configuration. This means that items such as keystore/truststore passwords, JDBC
passwords, and LDAP passwords can be stored in the configuration in a form that is difficult to
read.</p><p>The Broker ships with two encryptor implementations, <code class="literal">AESGCMKeyFile</code> and
<code class="literal">AESKeyFile</code>. These use a securely generated random 256-bit key
<a href="#ftn.d0e8482" class="footnote" id="d0e8482"><sup class="footnote">[9]</sup></a>,
held in a key file, to encrypt the secrets. Of course, the key itself must be guarded carefully,
otherwise the passwords encrypted with it may be compromised. For this reason, the Broker ensures
that the file's permissions allow the file to be read exclusively by the user account used for running
the Broker.</p><div class="important" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Important</h3><p>The AESKeyFile encryptor is considered unsafe; it is deprecated and will be removed in one of the
next releases. The AESGCMKeyFile encryptor should be used instead.</p></div><div class="important" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Important</h3><p>If the key file is lost or corrupted, the secrets will be irrecoverable.</p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-Configuration-Encryption-Configuration"></a>8.5.1. Configuration</h3></div></div></div><p>The <code class="literal">AESGCMKeyFile</code> or <code class="literal">AESKeyFile</code> encryptor providers are
enabled/disabled via the <a class="link" href="Java-Broker-Management-Managing-Broker.html" title="7.2. Broker">Broker attributes</a>
within the Web Management Console. On enabling the provider, any existing passwords within the
configuration will be automatically rewritten in the encrypted form.</p><p>Note that passwords stored by the Authentication Providers <a class="link" href="Java-Broker-Security.html#Java-Broker-Security-PlainPasswordFile-Provider" title="8.1.8. Plain Password File (Deprecated)">PlainPasswordFile</a> and
<a class="link" href="Java-Broker-Security.html#Java-Broker-Security-Base64MD5PasswordFile-Provider" title="8.1.10. Base64MD5 Password File (Deprecated)">Base64MD5PasswordFile</a>
with the external password files are <span class="emphasis"><em>not</em></span> encrypted by the key. Use the
Scram Authentication Managers instead; these make use of the Configuration Encryption when
storing the users' passwords.</p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-Configuration-Encryption-Alternate-Implementations"></a>8.5.2. Alternate Implementations</h3></div></div></div><p>If the <code class="literal">AESGCMKeyFile</code> encryptor implementation does not meet the needs of
the user, perhaps owing to the security standards of their institution, the
<code class="literal">ConfigurationSecretEncrypter</code> interface is designed as an extension point.
Users may provide their own implementation of <code class="literal">ConfigurationSecretEncrypter</code>, perhaps to employ
stronger encryption or to delegate the storage of the key to an Enterprise Password
Safe.</p></div><div class="footnotes"><br /><hr style="width:100; text-align:left;margin-left: 0" /><div id="ftn.d0e8482" class="footnote"><p><a href="#d0e8482" class="para"><sup class="para">[9] </sup></a>Java Cryptography Extension (JCE) Unlimited Strength is required.</p></div></div></div></div>