Nav
You are viewing an older version of this section. Click here to navigate to the latest version.

Security Manager Configuration Reference

This page provides details on the elements you configure for the security manager. For more information, see Configuring Security.

Security manager

The default security manager.

Attributes of <security-manager…​>

Name Type Required Default Description

id

no

name

no

Child Elements of <security-manager…​>

Name Cardinality Description

custom-security-provider

0..1

A custom implementation of SecurityProvider.

custom-encryption-strategy

0..1

A custom implementation of EncryptionStrategy.

secret-key-encryption-strategy

0..1

Provides secret key-based encryption using JCE.

password-encryption-strategy

0..1

Provides password-based encryption using JCE. Users must specify a password and optionally a salt and iteration count as well. The default algorithm is PBEWithMD5AndDES, but users can specify any valid algorithm supported by JCE.

Custom security provider

A custom implementation of SecurityProvider.

Attributes of <custom-security-provider…​>

Name Type Required Default Description

name

name (no spaces)

yes

provider-ref

string

yes

The name of the security provider to use.

Child Elements of <custom-security-provider…​>

Name Cardinality Description

spring:property

0..*

Spring-style property element for custom configuration.

Custom encryption strategy

A custom implementation of EncryptionStrategy.

Attributes of <custom-encryption-strategy…​>

Name Type Required Default Description

name

name (no spaces)

yes

strategy-ref

string

yes

A reference to the encryption strategy (which may be a Spring bean that implements the EncryptionStrategy interface).

Child Elements of <custom-encryption-strategy…​>

Name Cardinality Description

spring:property

0..*

 

Secret key encryption strategy

Provides secret key-based encryption using JCE.

Attributes of <secret-key-encryption-strategy…​>

Name Type Required Default Description

name

name (no spaces)

yes

key

string

no

The key to use. This and the 'keyFactory-ref' attribute are mutually exclusive.

keyFactory-ref

string

no

The name of the key factory to use. This should implement the ObjectFactory interface and return a byte array. This and the 'key' attribute are mutually exclusive.

Child Elements of <secret-key-encryption-strategy…​>

Name Cardinality Description

Password encryption strategy

Provides password-based encryption using JCE. Users must specify a password and optionally a salt and iteration count as well. The default algorithm is PBEWithMD5AndDES, but users can specify any valid algorithm supported by JCE.

Attributes of <password-encryption-strategy…​>

Name Type Required Default Description

name

name (no spaces)

yes

password

string

yes

The password to use.

salt

string

no

The salt to use (this helps prevent dictionary attacks).

iterationCount

integer

no

The number of iterations to use.

Child Elements of <password-encryption-strategy…​>

Name Cardinality Description