Commit Graph

11 Commits

Author SHA1 Message Date
Carlos Ruiz 47aee6fb02
IDEMPIERE-4602 Encrypt passwords on properties files (FHCA-1982) (#498)
* backward compatible with the previous idempiere.properties and idempiereEnv.properties version
* when the setup/console-setup is executed again the secret keys are stored obfuscated in a different file .idpass
  * Secret keys are ADEMPIERE_DB_PASSWORD, ADEMPIERE_DB_SYSTEM, ADEMPIERE_MAIL_PASSWORD
  * to add more is just adding keys to array ConfigurationData.secretVars
* the previous (unobfuscated) approach is still preserved passing -DIDEMPIERE_SECURE_PROPERTIES=false to the JVM in setup and server
* the approach just run on Linux - as is implemented using shell script, windows is out of the initial scope, but could be possible to implement .bat files to do similar
* the default approach is to use getVar.sh and setVar.sh that writes in .idpass obfuscated
  * is possible to extend and use custom secret managers implementing customSetVar.sh and customGetVar.sh
  * samples for amazon AWS secretsmanager are included
* avoid the email sent on setup sending the secret keys
* enclose all variables in myEnvironment.sh within quotes (this avoids problems with variables containing spaces)
* add coreutils as required for debian installer (as we use base64 now to obfuscate passwords)
* swing client is not affected as it saves the idempiere.properties encrypted in user home folder
2021-01-03 22:19:49 +08:00
Carlos Ruiz f81c5bd954
IDEMPIERE-4602 Encrypt passwords on properties files (FHCA-1982) (#472)
* Secure sensitive files containing passwords at the end of build.xml for linux
  * jettyhome/etc/jetty-ssl-context.xml - contains keystore password
  * idempiereEnv.properties, idempiere.properties, utils/myEnvironment.sh - contain database and other passwords
* setup-alt.sh and console-setup-alt.sh don't need to chmod as the ant task already did it
* add port to hazelcast-template.xml (useful in case there are same databases in different ports on the server)
2020-12-20 07:30:15 +01:00
hieplq 58258ad506
Idempiere-4492 update library (eclipse-4.17, jasper 6-15, jetty-9.4.33, atmosphere-2.6.4) (#331)
* IDEMPIERE-4492 update jetty to 9.4.33.v20201020 update atmosphere to 2.5.15

* IDEMPIERE-4492 update jetty to 9.4.33.v20201020 (update configuration)

update to default jetty configuration
delete unused configuration (alpn, http2,..)

* IDEMPIERE-4492 update orbit eclipse repository to 4.17

* IDEMPIERE-4492 update orbit eclipse repository to 4.17 (on parent pom)

* IDEMPIERE-4492 update jasper to 6.15.0

* IDEMPIERE-4492 update jasper to 6.15.0 (IDEMPIERE-4504)

get rid of bundle "org.w3c.dom.events version 3.0.0" by use old version of org.w3c.dom.smil

note: on target platform a bundle has multi version then tycho can pickup correct version define on feature (tab included plugins, field version)
but on eclipse when sync launching from .product it don't respect that value, always set highest version to bundle
workaround: on target platform manual un-select bundle org.w3c.dom.smil 1.0.1

* IDEMPIERE-4492 update atmosphere to 2.6.4

* IDEMPIERE-4492 refine target platform

use targetplatform-dsl to generate target platform https://github.com/eclipse-cbi/targetplatform-dsl
   + don't need to care update bundle version when update repository
   + at moment org.idempiere.eclipse.platform-feature include some feature form eclipse repository
     so target has to include that feature so target platform will include all bundler request by feature and bundle request by plugins of that feature and so on (ever optional
     so it make target content has more plugins than what we use on project
     next step will convert include feature to include plugins to define only what we used

* IDEMPIERE-4492 refine target platform (continue)

don't include framework feature, use include plugins to void load transitive dependency so minimize target flatform
remove some unused feature from idempiere product

* IDEMPIERE-4492 update c3p0 and database jdbc (patch from Carlos)
2020-10-31 06:53:36 +08:00
Carlos Ruiz 601d9b6d85 IDEMPIERE-3440 on centos (and like centos) tmp is managed by OS, sometime it corrupt jetty 2017-10-11 15:46:16 +02:00
hieplq 91c52aeded IDEMPIERE-3136:all stuff relate library of idempiere
update jetty to 9.3.10
2016-07-08 15:40:24 +07:00
Heng Sin Low 0b2fbe27ae IDEMPIERE-2245 Platform Upgrade for r3. 2014-10-13 11:05:19 +08:00
Heng Sin Low 84f93dd0ac Update core product version to 2.0.0. Fixed installation and script. 2013-11-22 08:17:27 +08:00
Heng Sin Low bafafa3239 Fixed setup and installation script. 2012-06-20 16:58:04 +08:00
Heng Sin Low 668e61686f IDEMPIERE-166 Rebranding of logo and product name 2012-06-06 22:13:34 +08:00
Heng Sin Low af5cd44af8 Implemented db configuration as extension. Remove JVM type checking. 2010-11-29 01:59:28 +08:00
Heng Sin Low 153cc5df3c Server build and installation using buckminster. Added script for adempiere server startup and setup ( gui and console mode ). 2010-11-04 03:46:38 +08:00