4 Replies Latest reply on Mar 22, 2012 10:40 AM by karink

    Securing the connection between slave host controller and master host controller

    karink

      Hi everybody

       

      This question is related to this documentation https://docs.jboss.org/author/display/AS7/Securing+the+Management+Interfaces (JBoss 7.1.1 final)

       

      Here a snippet from this documentation

       

      <management>

            <security-realms>

               <security-realm name="TestRealm">

                  <server-identities>

                     <secret value="c2xhdmVfcGFzc3dvcmQ=" />

                  </server-identities>

               </security-realm>

             </security-realms>

             ...

          </management>

       

          <domain-controller>

             <remote host="127.0.0.1" port="9999" security-realm="TestRealm" />

          </domain-controller>

      ....

       

      The value specified for the secret is the password encoded using Base64. On attempting to connect to the remote domain controller the Base64 password will be decoded and the connection will authenticate using the name of the host (in this example 'slave') and the password obtained from the secret.  The master domain controller will also need to be configured with a realm that contains the user 'slave' with the specified password.

       

      As far as I understood it would be possible to use a VAULT expression to encrypt the secret value in the host.xml file. I don't understand how the transport (from the slave host controller to the master host controller) of this secret will look like (is it plain or encrypted)?

       

      Thanks for your help

      Regards
      Karin