powered by Jive Software

OF 4.0.1; System Property encryption is not cluster aware

Steps to reproduce;

  1. One one node in an Openfire cluster, via the admin console (Server -> Server Manager -> System Properties) create a system property, e.g. “aaa.test-property”, with a value. Select the “Encrypt the property value”, and click “Save Property”
  2. Note that the admin console indicates that the property value is hidden, and shows the padlock symbol indicating it is encrypted.
  3. Access the System Properties screen on another node in the same cluster.

Expected results;

  • The System Properties screen on other nodes in the cluster indicate that the property value is hidden, and shows the padlock symbol indicating it is encrypted.
    Actual results;

  • The System Properties screen on other nodes in the cluster display the plain text value of the property, and do not indicate that it is encrypted.

Note 1; the same behaviour is seen if the property is created in plain text and subsequently encryption using the “+” button.

Note 2; if the “other” nodes are restarted after the property is encrypted, the encrypted value of the property is shown.

A quick analysis shows that the “this field is encrypted” flag is stored in a file, conf/security.xml, rather than the database. This is probably sub-optimal as the contents of this file needs to be replicated across all current and future member clusters.

Thanks for the excellent bug report https://issues.igniterealtime.org/browse/OF-1159

Not a problem; I know what I like to receive as a bug report, and as far as possible try and include that information when I raise them!