pmoeller
I'm new here

Extension of the configuration password encryption feature possible?

Jump to solution

Hi everyone,

I have a question about the configuration password encryption feature that was added in 5.2.1608.

We are developers of a module for FirstSpirit and we would like to add a similar feature to our module.

But is seems unhandy for the user (or admin in this case) to have to add a password source for both FS and our module.

Is there a way to add more configuration files (and/or single properties) to the list of encryptable configurations?

Or is there a way to access the password source that was configured for FS out of the module so we can implement the feature based on the fs configuration ourselves?

Or can you think of another way that would solve the problem?

I am looking forward to your input.

Best Regards,

Philipp

0 Kudos
1 Solution

Accepted Solutions
dleinich
Occasional Collector

Hi Philipp,

thank you for your feedback and use cases!

We do want to provide encryption functionality to module developers as well to allow encrypting passwords in module configurations for example. We even wanted to do that with the initial release but decided against it as the implementation proved to be very complex and would have delayed the feature. We have an internal feature request to implement exactly that, though, and are currently evaluating how and when to do it. I cannot give an estimate on availability yet but we definitely want to do it someday.

In the meantime you could implement the encryption of passwords for your modules yourself, encrypting it directly in your custom module code and saving the encrypted string to your module configuration. There just is no central agent or anything providing this functionality out of the box yet.

Thanks again for your questions and use cases. At the first glance our internal discussion seem to align with your ideas and needs.

Best regards,

Daniel

View solution in original post

0 Kudos
1 Reply
dleinich
Occasional Collector

Hi Philipp,

thank you for your feedback and use cases!

We do want to provide encryption functionality to module developers as well to allow encrypting passwords in module configurations for example. We even wanted to do that with the initial release but decided against it as the implementation proved to be very complex and would have delayed the feature. We have an internal feature request to implement exactly that, though, and are currently evaluating how and when to do it. I cannot give an estimate on availability yet but we definitely want to do it someday.

In the meantime you could implement the encryption of passwords for your modules yourself, encrypting it directly in your custom module code and saving the encrypted string to your module configuration. There just is no central agent or anything providing this functionality out of the box yet.

Thanks again for your questions and use cases. At the first glance our internal discussion seem to align with your ideas and needs.

Best regards,

Daniel

0 Kudos