karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Müller (JIRA) <j...@apache.org>
Subject [jira] [Commented] (KARAF-2045) Support encrypted connection to the database for fail over configuration
Date Thu, 13 Dec 2012 09:29:21 GMT

    [ https://issues.apache.org/jira/browse/KARAF-2045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13530820#comment-13530820

Christian Müller commented on KARAF-2045:

Hey JB,

this is something we need to (for PCI) if it's not available for all passwords at present
(JMX password, ...).

But this JIRA address another issue we have.
We use the Karaf Master/Slave fail over mechanism. We use the jdbc lock mechanism (with Oracle).
By default, Oracle (and I think the others too) doesn't use an encrypted connection. This
means the user/password is sent in plain text from Karaf to the database. This is considered
as insecure from our auditors.
A simple solution (at least for Oracle) is to be able to provide jdbc connection properties.
Oracle support some properties to secure the connection.

With this JIRA, I would like to introduce a new property "karaf.lock.jdbc.connection.properties"
in $KARAF_HOME/etc/system.properties to support this requirement.
> Support encrypted connection to the database for fail over configuration
> ------------------------------------------------------------------------
>                 Key: KARAF-2045
>                 URL: https://issues.apache.org/jira/browse/KARAF-2045
>             Project: Karaf
>          Issue Type: Improvement
>          Components: karaf-core
>            Reporter: Christian Müller
>            Priority: Minor
> See http://karaf.922171.n3.nabble.com/Using-database-locking-mechanism-for-Failover-td4026825.html
> I will work on a patch in the next weeks...

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message