In Wildfly I want to use Elytron Credential Storage to store passwords. I want to use password aliases instead of clear text.
Does it make sense to encrypt Credential Storage file with passwords? If I encrypt it, I have to keep the unencrypted password either in standalone.xml or in another unencrypted Credential Storage file.
So anyone who has access to the folder with credentials files has access to all passwords, regardless of whether we encrypt them or not.
The entire security is therefore based on limiting access to credentials files.
Am I not understanding something about this?
My description is based (not exactly) on the solution from the article: how_to_configure_server_security/securely_storing_credentials.
In my solution and the solution from the article there is the same problem, the secrets are encrypted with an unencrypted password so why should I encrypt them?
How should it be done correctly?
Does it make sense to encrypt Wildfly Elytron Credential Storage file?
71 Views Asked by ArtRac At
0
There are 0 best solutions below
Related Questions in JBOSS
- Spring's XML based bean configuration for Object Mapper's Case Insensitive property
- jboss configuration via ipv6 version jboss-eap-7.4
- class org.jboss.resteasy.plugins.server.servlet.HttpServlet30Dispatcher does not implement jakarta.servlet.Servlet
- Eclipse deploy to Local JBOSS fails
- JBoss 4.x to Glassfish 2022 and Java 6 to Java 8 causes 1 non-XA Resource Exception
- SM Session Authentication issue from Site Minder getting HTML Login Page
- Facing [io.undertow.request.io] (default task-4) Exception handling request to /business-central/: java.io.IOException: UT010029: Stream is closed
- How to get the current number of in-use bean instances (MDB) from Wildfly?
- JConsole of JBoss EAP 7.1.1.0.10 has differences between two installation
- In what order are the bean instance pools settings applied in Jboss 7.3
- Spring boot app in WildFly 7 - endpoint not found
- how does one fix a class not found error in jboss 7.4?
- Unable to start Jakarta EE based JSF web application on JBoss EAP 7.4.6
- Deploying Jakarta EE 9 on JBoss 7.4
- How can I create a container from the jboss amq-7-broker-image repo image
Related Questions in WILDFLY
- what are the benefits of deploying a spring boot application on an application server?
- What's the point of deploying spring boot application on an application server like Wildfly?
- Keycloak 15.0.1 failed to start because of missing library
- JBoss Wildfly 17 server not accessible via the hosting laptop's IP address
- Facing [io.undertow.request.io] (default task-4) Exception handling request to /business-central/: java.io.IOException: UT010029: Stream is closed
- How to get the current number of in-use bean instances (MDB) from Wildfly?
- Wildfly runs properly but wars Faile
- Retreiving a deployment from Wildfly using Docker and Uploading into Nexus
- Deployment Discrepancy: .war File Deployment from Nexus to Wildfly via Docker Image
- Problem configuring messaging-activemq in bootable wildfly 25
- How to set a reverse proxy with Undertow
- Attempting to start WildFly 10 causing a InvocationTargetException
- I want to access a password stored in a elytron credential store using system properties in jboss eap 7.4 version
- WildFly primefaces Fileupload customization (Encrypted tempFile)
- Error deploying .war from Nexus to Wildfly 29.0.1.Final via Docker
Related Questions in ELYTRON
- I want to access a password stored in a elytron credential store using system properties in jboss eap 7.4 version
- Wildfly 27: No error or warning in case of incorrect security domain specified in web.xml / jboss-web.xml
- How to encrypt/mask sensitive system-properties values in WildFly 26+ using elytron or another solution, since vault is no longer available?
- Migrating LDAP to local authentication elytron system in Wildfly 20.0.1 Final for JavaEE8 WebApp
- Setting up LDAP with jBPM (Kie Server) 7.74.1.Final in Docker
- Wildfly / Elytron and jdbc-realm with digest
- Wildfly 29 Single Sign On only working for localhost not IP address
- Using two different columns for password with Elyctron JDBC realm
- Wildfly 26.1.2.Final: ModuleNotFoundException
- Setup messaging subsystem using ActiveMQ in WildFly
- EJB calls over HTTP | client Authentication issue
- Jboss EAP Migration - Legacy Security to Elytron Security
- Does it make sense to encrypt Wildfly Elytron Credential Storage file?
- Quarkus ldap security authenticating with uid and description instad of userPassword
- Error when migrating from Jboss-7.4.0 to Jboss-7.4.5
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?