users@glassfish.java.net

encryption of aliased passwords

From: Trond Strømme <trond.stromme_at_oracle.com>
Date: Tue, 01 Nov 2011 14:11:58 +0100

HI,
IHAC that is asking how a password substituted by an alias (to avoid
having the password in cleartext in domain.xml) is encrypted.
Details such as the algorithm and what serves as the key would be nice,
or if anyone can point me to some documentation or source code for this.
They ask because their security group want to know how the passwords are
encrypted and with which algorithm.

-- 
Trond Strømme
trond.stromme_at_oracle.com
Oracle EMEA Advanced Customer Services
+47 975 09 388
http://blogs.oracle.com/tronds
This transmission is intended only for the use of the addressee and may contain confidential or legally privileged information. If you are not the intended recipient, you are notified that any retransmission, dissemination, disclosure or other use of, or taking any action in reliance upon, this communication is strictly prohibited. If you have received this transmission in error please notify us immediately and delete all copies of this transmission together with any attachments.