1. Userid & Password Management By Dynaprop Presented by: Subhajit Ghosh November 17, 2009
2.
3. What is Dynaprop Dynaprop (The Dynamic Property Manager Admin Console )allows an application team to securely and dynamically administer application properties that are stored in an Oracle, DB2 or SQL Server database through a web interface.
Symmetric Crypt w/ RC4 – wasn’t written or intended to be a reusable FW Property Manager – one of JCOE first FW’s. Written at the same time as eSpoke to support eSpoke configuration Integrated Symmetric Crypt & Property Manager – for password decryption. Uses a system property for key configuration Dynamic Property Manager developed to allow for property changes w/o having to re-deploy application and provide higher security. This includes the DynaProp Admin console and ‘Highly dynamic’ properties. HD properties will be retrieved from the DB with each access if necessary FJF Asymmetric encryption/decryption included in DynaProp using FJFConfig keys. FJFConfig has a different key for each environment. Note there are no tools outside of DynaProp Admin console to encrypt with FJF Asymmetric Crypt Controls Compliance guide describes all the controls necessary for all the different encryption/decryption components and processes com.ford.it.context.RequestContext developed to support the Thread Local pattern Property Credentials utility – Allows you to define ‘Highly Dynamic’ namespaces that contain a id & password w/o taking the hit of a DB trip with every access. Symmetric Crypt was changed to only generate AES and Triple DES keys. RC4 keys are for backward compatibility only.