我正在使用wso2esb4.8.0 我将如何使用安全保险库选项来隐藏密码。 我无法找到合适的docs.wso2carbon服务器和wso2esb之间的连接是什么。 如果我想在wso2esb中使用安全保险库我还需要安装wso2carbon服务器或者我们已经直接使用
我做了以下更改/repository/conf/security/secret-config.properties
我在此文件中进行了以下更改,但没有使用
#
#keystore.identity.location=/home/youtility2/Desktop/ESB/wso2/wso2esb-4.8.0/repository/resources/security/wso2carbon.jks
#keystore.identity.type=JKS
#keystore.identity.alias=wso2carbon
#keystore.identity.store.password=identity.store.password
#keystore.identity.store.secretProvider=com.sample.password.callback.handler.HardCodedSecretCallbackHandler
#secretRepositories.file.provider=org.wso2.securevault.secret.repository.FileBaseSecretRepositoryProvider
#secretRepositories.file.location=repository/conf/security/cipher-text.properties
#secretRepositories=file
#keystore.identity.key.password=identity.key.password
#carbon.secretProvider=org.wso2.securevault.secret.handler.SecretManagerSecretCallbackHandler
#keystore.identity.key.secretProvider=com.sample.password.callback.handler.HardCodedSecretCallbackHandler
#keystore.identity.alias=wso2carbon
#keystore.identity.key.password=wso2carbon
##keystore.identity.key.secretProvider=<any implementation of org.apache.synapse.commons.security.secret.SecretCallbackHandler>
##keystore.identity.parameters=enableHostnameVerifier=false;keyStoreCertificateFilePath=/home/esb.cer
#
#keystore.trust.location=repository/resources/security/client-truststore.jks
#keystore.trust.type=JKS
#keystore.trust.alias=wso2carbon
#keystore.trust.store.password=wso2carbon
##keystore.trust.store.secretProvider=<any implementation of org.apache.synapse.commons.security.secret.SecretCallbackHandler>
#
并重新启动esb,但我无法使用安全保管库
vault key="my.pwd.login"
pwd="****"
repeat="****"
像这样从控制台获取错误
ERROR - CipherInitializer No secret repositories have been configured
[2014-02-05 14:50:50,547] ERROR - CipherInitializer Either Configuration properties can not be loaded or No secret repositories have been configured please check PRODUCT_HOME/repository/conf/security refer links related to configure WSO2 Secure vault
[2014-02-05 14:50:50,547] ERROR - MediationSecurityAdminService Either Configuration properties can not be loaded or No secret repositories have been configured please check PRODUCT_HOME/repository/conf/security refer links related to configure WSO2 Secure vault
[2014-02-05 14:50:50,548] ERROR - MediationSecurityAdminService Failed to load security key store information ,Configure secret-conf.properties properly by referring to http://docs.wso2.org/display/Carbon402/WSO2+Carbon+Secure+Vault
org.apache.axis2.AxisFault: Failed to load security key store information ,Configure secret-conf.properties properly by referring to http://docs.wso2.org/display/Carbon402/WSO2+Carbon+Secure+Vault
at org.wso2.carbon.mediation.security.vault.MediationSecurityAdminService.handleException(MediationSecurityAdminService.java:83)
at org.wso2.carbon.mediation.security.vault.MediationSecurityAdminService.doEncrypt(MediationSecurityAdminService.java:54)
* * “
先谢谢, 费萨尔。
答案 0 :(得分:0)
ESB,API Manager等WSO2产品构建于WSO2 Carbon框架之上。因此,我们可以将ESB,APIM等称为基于碳的服务器。因此,请按照ESB中carbon docs page on secure vault中提供的配置步骤进行操作。我认为该指南非常具有描述性。
请注意,以符号“#”开头的行表示它是评论。因此,您应该从/repository/conf/security/secret-conf.properties文件中正确删除“#”符号。
答案 1 :(得分:0)
您可以使用安全保管库来保护配置文件的预定义密码,该密码可以在/ repository / conf目录中找到(axis2.xml,master-datasource.xml和user-mgt.xml等)。第一,我猜你需要确定你想要保护的密码。然后请在cipher-text.properties文件中根据别名配置您的实际密码。您可以运行ciphertool.sh脚本以自动方式执行其他配置。有关详细信息,请参阅this。请注意,默认实现时,使用wso2carbon.jks文件加密密码。