Tomcat Vault的使用方法
- - 开源软件 - ITeye博客在tomcat的配置文件中,用户名和密码是明文保存的:. 从上图中可以看到,tomcat的配置文件中的password是明文保存的:. 为了解决这个问题,JBoss社区推出了tomcat-vault[1],通过Java的KeyStore机制来保存秘钥,并通过秘钥对Tomcat配置文件中明文的密码进行加密.
<user username="tomcat" password="tomcat" roles="tomcat"/>
cute:Downloads weli$ unzip tomcat-vault-1.0.8.Final.zip Archive: tomcat-vault-1.0.8.Final.zip 5d8b74bb5e8e8fe636194bb6ab4633db9e09ba7a creating: tomcat-vault-1.0.8.Final/ inflating: tomcat-vault-1.0.8.Final/INSTALL inflating: tomcat-vault-1.0.8.Final/LICENSE inflating: tomcat-vault-1.0.8.Final/README.md ...
cute:tomcat-vault-1.0.8.Final weli$ mvn install Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=128m; support was removed in 8.0 [INFO] Scanning for projects... [INFO] [INFO] ------------------------------------------------------------------------ [INFO] Building Tomcat Vault extension 1.0.8.Final [INFO] ------------------------------------------------------------------------ Downloading: http://maven.repository.redhat.com/earlyaccess/all/org/apache/tomcat/tomcat-util/8.0.15/tomcat-util-8.0.15.pom Downloading: http://maven.repository.redhat.com/techpreview/all/org/apache/tomcat/tomcat-util/8.0.15/tomcat-util-8.0.15.pom Downloading: https://repository.jboss.org/nexus/content/repositories/releases/org/apache/tomcat/tomcat-util/8.0.15/tomcat-util-8.0.15.pom ... [INFO] Installing /Users/weli/Downloads/tomcat-vault-1.0.8.Final/target/vault-tomcat-1.0.8.Final-jar-with-dependencies.jar to /Users/weli/.m2/repository/org/apache/tomcat/vault-tomcat/1.0.8.Final/vault-tomcat-1.0.8.Final-jar-with-dependencies.jar [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 03:16 min [INFO] Finished at: 2015-10-24T11:33:30+08:00 [INFO] Final Memory: 22M/198M [INFO] ------------------------------------------------------------------------
Enter directory to store encrypted files:/Users/weli/projs/apache-tomcat-8.0.28/conf
Enter Keystore URL:/Users/weli/projs/apache-tomcat-8.0.28/conf/vault.keystore
Enter Keystore password: my_password123 Enter Keystore password again: my_password123
Enter 8 character salt:1234abcd Enter iteration count as a number (Eg: 44):120
Enter Keystore Alias:my_vault
KEYSTORE_URL=/Users/weli/projs/apache-tomcat-8.0.28/conf/vault.keystore KEYSTORE_PASSWORD=MASK-3CuP21KMHn7G6iH/A3YpM/ KEYSTORE_ALIAS=my_vault SALT=1234abcd ITERATION_COUNT=120 ENC_FILE_DIR=/Users/weli/projs/apache-tomcat-8.0.28/conf/
org.apache.tomcat.util.digester.PROPERTY_SOURCE=org.apache.tomcat.vault.util.PropertySourceVault
--attribute manager_password --sec-attr P@SSW0#D
KEYSTORE_URL=/Users/weli/projs/apache-tomcat-8.0.28/conf/vault.keystore KEYSTORE_PASSWORD=MASK-3CuP21KMHn7G6iH/A3YpM/ KEYSTORE_ALIAS=my_vault SALT=1234abcd ITERATION_COUNT=120 ENC_FILE_DIR=/Users/weli/projs/apache-tomcat-8.0.28/conf/
${VAULT::my_block::manager_password::}