Subsystems Security (com.soa.subsystems.security)

Subsystem Security configuration

Store Passwords in Database (security.service.storePasswordsInDatabase)

For extra security we have an option not to keep encrypted passwords in the database. Some policies will not work when this is enabled.

Default: true

Encrypt Password (security.service.encryptPasswordHashes)

For extra security we can encrypt hashed passwords we store in database. This must be configured prior to running configure database task. Once set this must never be changed.

Default: false

Password hashing algorithm (security.service.hashingAlgorithm)

Password hashing algorithm. Valid options are: SHA1, SHA256, SHA384, SHA512, MD5. This must be configured prior to running configure database task. Once set this must never be changed.

Default: SHA512

Hashing salt length. (security.service.saltLength)

The length of randomly generated bytes to append to password prior to hashing.

Default: 64

Hash Iterations (security.service.hashIterations)

The number of iterations to perform when using PBKDF2 algorithm

Default: 2000

Hash Iterations (security.service.hashLength)

The hash length when using PBKDF2 algorithm

Default: 512

Encryption Mode (security.service.encryptionMode)

The encryption mode for encryption/decryption

Default: ECB