THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
You can also include security realm configuration, keystores, and credential stores in your geronimo plan for your application. Just put the gbean configurations at the end after the javaee specific configuration. In this case you may not want to remove the standard server-security-config as removing it would prevent the admin console or mejb from starting.
Using a pluggable encryption system
By default you get the old behavior with {Simple} encryption with a hard-coded key. If you want to have a fixed key generated by Geronimo, you can add this Gbean to the rmi-naming module in config.xml:
| Code Block |
|---|
<gbean name="org.apache.geronimo.configs/rmi-naming/2.2-SNAPSHOT/car?name=ConfiguredEncryption,j2eeType=GBean" gbeanInfo="org.apache.geronimo.system.util.ConfiguredEncryption">
<attribute name="path">var/security/ConfiguredSecretKey.ser</attribute>
<reference name="ServerInfo"><pattern><name>ServerInfo</name></pattern></reference>
</gbean>
|
This will create a key the first time the server started, after that it will keep using the saved key at the location specified. If you put a serialized SecretKeySpec there it will use it instead.