forked from web-servers/tomcat-vault
-
Notifications
You must be signed in to change notification settings - Fork 0
/
INSTALL
66 lines (47 loc) · 2.01 KB
/
INSTALL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
PicketLink vault extension for Apache Tomcat.
See the NOTICE file distributed with this work for information
regarding copyright ownership. See the LICENSE file distributed
with this work for information regarding licensing.
=====================================================================
Requirements:
-------------
Building from the distributed tarball:
* Apache Tomcat 8.0.15+
* Apache Maven
Building Instructions:
----------------------
1. Install Apache Tomcat (from RPM or by hand or however you prefer)
2. Compile Tomcat Vault from its source directory by running
$ mvn install
3. Copy the generated jar target/tomcat-vault-X-jar-with-dependencies.jar
to CATALINA_BASE/lib (where X is the version)
4. Add the following line to CATALINA_BASE/conf/catalina.properties
org.apache.tomcat.util.digester.PROPERTY_SOURCE=org.apache.tomcat.vault.util.PropertySourceVault
5. Configure your vault using ./bin/vault.sh (found the related
documentation in the "links" section)
6. Create a file named vault.properties in CATALINA_BASE/conf
containing your vault information as below (all of these keys
must be defined and NOT empty)
KEYSTORE_URL=..
KEYSTORE_PASSWORD=..
KEYSTORE_ALIAS=..
SALT=..
ITERATION_COUNT=..
ENC_FILE_DIR=..
7. Start Apache Tomcat
Usage:
------
Simply replace whatever property value you would like to hide
in any Apache Tomcat configuration file by ${attribute_name}
Example
=======
<user username="tomcat" password="acb$123" roles="manager-gui"/>
from || -------
\/ to
<user username="tomcat" password="${VAULT::TOMCAT::password::}" roles="manager-gui"/>
-----------
Links:
------
How to configure Vault :
- https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/html/Security_Guide/chap-Secure_Passwords_and_Other_Sensitive_Strings_with_Password_Vault.html
$Id: INSTALL,v 1.1 2015/03/23 11:44:00 maxbeck Exp $