[wsas-java-dev] Security improvements to WSAS
Afkham Azeez
azeez at wso2.com
Mon Feb 5 22:59:23 PST 2007
Since it is not safe to maintain passwords in plain text, and ppl will
be reluctant to type in the password in plain text, we have removed it
from the WSAS server.xml file.
We have changed WSAS to do the following during startup:
...
INFO [2007-02-06 12:21:18,108] The service is deploying the echo.aar
Web service.
Please enter the password of Administrator 'admin'
New password:
Re-enter new password:
Password for Admin user changed.
INFO [2007-02-06 12:21:34,491] Using Repository
/home/azeez/.wso2wsas/repository
...
So, the admin user's password has to be entered for the first time when
WSAS is started up. WSAS will not start up until this is set. It is a
small price to pay for a more secure application.
What do you think about this approach? Is there a better approach?
-- Azeez
Sanjiva Weerawarana wrote:
> Wait wait, why can't the user just edit tungsten.xml and set the stuff
> up? Or use a command line tool to configure it if it isn't editable?
> Basically we shouldn't *require* *any* admin console actions. It should
> be possible to bring up WSAS in a fully safe mode without any human
> intervention.
>
> Sanjiva.
>
> Samisa Abeysinghe wrote:
>> James Clark wrote:
>>>> Why should the initial setup be that secure? I do not think anyone
>>>> would deploy the initial setup in a production environment.
>>>>
>>>
>>> The short answer is that we should make things secure even for people
>>> that are not sophisticated, competent and security-savvy.
>>>
>>> The simplest, more direct way to get something deployed on some server
>>> is to set things up directly on that server. Obviously eBay isn't going
>>> to do that, but maybe some overworked admin who's deploying on some
>>> virtual hosted system somewhere might do. If they don't deploy it
>>> directly, then they have to somehow move it over, which may not be
>>> trivial: they may not have any local systems that are similar to the
>>> production system. Also think of the case of using WSAS for the mashup
>>> server: this is running on users' PCs that are connected directly to the
>>> internet.
>>>
>> So if we make the default password changing to be part of the
>> installation process, would that cater for the situation?
>>
>> Samisa...
>>
>>
>> _______________________________________________
>> Wsas-java-dev mailing list
>> Wsas-java-dev at wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/wsas-java-dev
>>
>
--
Afkham Azeez
GPG Fingerprint: 643F C2AF EB78 F886 40C9 B2A2 4AE2 C887 665E 0760
http://www.wso2.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://wso2.org/pipermail/wsas-java-dev/attachments/20070206/7a4a2a6d/signature.pgp
More information about the Wsas-java-dev
mailing list