You can subscribe to this list here.
2007 |
Jan
|
Feb
(5) |
Mar
|
Apr
(2) |
May
(1) |
Jun
|
Jul
(1) |
Aug
|
Sep
|
Oct
|
Nov
(1) |
Dec
(1) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2008 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2010 |
Jan
(1) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
2011 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
(1) |
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
From: Daniel F. <dfe...@us...> - 2011-10-01 17:13:52
|
Hello everyone, Jasypt has now a user forum at http://forum.jasypt.org, much easier to use than the old mailing lists and with a lot of interesting features. This mailing list is therefore being closed and no further posting will be allowed. The mailing list archives will be still accessible at: http://old.nabble.com/Jasypt---Users-f21330.html Regards, Daniel. |
From: Daniel F. <dfe...@us...> - 2011-07-25 18:01:57
|
Jasypt 1.8 has been just released [ http://www.jasypt.org ] Changes from 1.7.1: * Modified in-memory storage of PBE passwords to avoid having Strings in memory that contain the password being used. Now PBE passwords are stored as char[] objects that are zeroed as soon as they are used. New "setPasswordCharArray(char[] password)" methods allow users to specify passwords as char[] also, so that there is no need to create String passwords. [ see http://www.jasypt.org/faq.html#store-pbe-passwords-strings ] * Modified the order in which Normalizer implementations are used: now icu4j is used if it is in the classpath (even if Java >= 6 is being used). If icu4j is not present, java.text.Normalizer is used (if Java >= 6). * Added to EncryptablePropertyPlaceholderConfigurer the ability to decrypt system properties. * Fixed CLI scripts: *.jar in "find" command was matching jar files in the current folder instead of those in the lib folder. Fixed by surrounding "*.jar" by simple inverted commas * Small bugfixing for large BigInteger number decryption. Central Maven repositories are being synced. Regards, Daniel. |
From: Daniel F. <dfe...@us...> - 2011-04-15 00:15:07
|
Jasypt 1.7.1 has just been released. This is just a maintenance bugfixing release solving a problem related to EncryptableServletContextPropertyPlaceholderConfigurer. You do not need to update if you are not affected by this issue. See the project website at http://www.jasypt.org Regards, Daniel |
From: Daniel F. <dfe...@us...> - 2010-10-29 01:46:16
|
Hello! I am very happy to announce the release of jasypt 1.7. This is a very important release, including lots of exciting new features. See What's new here: http://www.jasypt.org/whatsnew17.html Brief summary: * Hibernate 3.6 compatibility * Removal of third-party dependencies * Pooled encryptors for improved performance in multi-processor/multi-core systems * Lightweight jar * Algorithm Registry class for easily knowing the installed algorithms * Prefix and Suffix configuration * Lenient salt size checking * Salt positioning configuration features * Compatibility with RFC2307 password encryption standards used in LDAP systems * Rebuilt command-line (CLI) scripts * Rebuilt zip distribution package * Encryptable ServletContextPropertyPlaceholderConfigurer implementation for Spring * Encryptable PreferencesPlaceholderConfigurer implementation for Spring * TokenBasedRememberMeServices implementation for Spring Security 3 You can download jasypt 1.7 from Maven or from the project's website at http://www.jasypt.org IMHO this is the best jasypt release ever, so please spread the word! Regards, Daniel |
From: Daniel F. <dfe...@us...> - 2010-01-07 01:05:17
|
Jasypt 1.6 has just been released. Changelog: - Modified Class.forName calls to use current thread's context classloader. - Fixed JavaDoc for Spring Security -related classes. - Added missing registerPBE*Encryptor methods in HibernatePBEEncryptorRegistry - Added compatibility with Spring Framework 3.0.x and Spring Security 3.0.x - Tested compatibility with Apache Wicket 1.4.x and Hibernate 3.2.x For more info, visit the project's web at http://www.jasypt.org Regards, Daniel. |
From: Daniel F. <dfe...@us...> - 2008-06-10 02:10:54
|
Jasypt 1.5 has just been released! What's new: * Dependency on ICU4j made optional in Java 6 environments. * Added integration for Spring Security 2.x * Random number generation algorithm can now be specified in RandomSaltGenerator. You can download it from the project web site at http://www.jasypt.org Regards, Daniel. |
From:
<dfe...@us...> - 2007-12-07 01:25:08
|
Jasypt (Java Simplified Encryption) 1.4.1 has just been released. See it at http://www.jasypt.org Jasypt 1.4.1 is a minor maintenance release fixing a bug on EncryptedPasswordC3P0ConnectionProvider, which affected the correct configuration of C3P0 datasources configured with encrypted values at the hibernate.cfg.xml files. This was an important bug for people using this connection provider, so it was necessary to release a maintenance version. Upgrade to 1.4.1 is not strictly required for 1.4 users unless they are directly affected by this issue. Regards, Daniel. |
From:
<dfe...@us...> - 2007-11-23 19:53:38
|
Jasypt 1.4 has been released. Jasypt (Java Simplified Encryption) [http://www.jasypt.org] is a library aimed at providing developers a simple way to add encryption capabilities to their projects including: password digesting, text/binary encryption, Hibernate transparent encryption and Spring Security (ACEGI) integration. What's new in 1.4: * Encryptable .properties files (plus Spring integration). * Encryptable Hibernate datasource configuration. * Command line tools. * Apache Wicket integration for URL encryption. * Updated docs (including Seam 2 + jasypt integration guide) Jasypt's main features: * Jasypt follows the RSA standards for password-based cryptography, and provides you with both unidirectional and bidirectional encryption techniques. * Open API for use with any JCE provider, and not only the default Java VM one. Jasypt can be easily used with well-known providers like Bouncy Castle. * Higher security for your users' passwords. Learn more. * Binary encryption support. Jasypt allows the digest and encryption of binaries (byte arrays). Encrypt your objects or files when needed (for being sent over the net, for example). * Number encryption support. Besides texts and binaries, it allows the digest and encryption of numeric values (BigInteger and BigDecimal, other numeric types are supported when encrypting for Hibernate persistence). * Completely thread-safe. * Provides both easy, no-configuration encryption tools for users new to encryption, and also highly configurable standard encryption tools, for power-users. * Hibernate 3 optional integration for persisting fields of your mapped entities in an encrypted manner. Encryption of fields is defined in the Hibernate mapping files, and it remains transparent for the rest of the application (useful for sensitive personal data, databases with many read-enabled users...). Encrypt texts, binaries, numbers, booleans, dates... * Seamlessly integrable into a Spring application. All the digesters and encryptors in jasypt are designed to be easily used (instantiated, dependency-injected...) from Spring. And, because of their being thread-safe, they can be used without synchronization worries in a singleton-oriented environment like Spring. * Spring Security (Acegi Security) optional integration for performing password encryption and matching tasks for the security framework, improving the security of your users' passwords by using safer password encryption mechanisms and providing you with a higher degree of configuration and control. * Provides advanced functionality for encrypting all or part of an application's configuration files, including sensitive information like database passwords. Seamlessly integrate encrypted configuration into plain, Spring-based and/or Hibernate-enabled applications. * Provides easy to use CLI (Command Line Interface) tools to allow developers initialize their encrypted data and include encryption/decryption/digest operations in maintenance tasks or scripts. * Comprehensive guides and javadoc documentation, to allow developers to better understand what they are really doing to their data. * Robust charset support, designed to adequately encrypt and digest texts whichever the original charset is. Complete support for languages like Japanese, Korean, Arabic... with no encoding or platform issues. * Very high level of configuration capabilities: The developer can implement tricks like instructing an "encryptor" to ask a, for example, remote HTTPS server for the password to be used for encryption. It lets you meet your security needs. |
From:
<dfe...@us...> - 2007-07-22 23:22:07
|
*Jasypt (Java Simplified Encryption) 1.3.1 has just been released*. Jasypt 1.3.1 is a maintenance release solving a configuration bug which might arise when setting the encryption algorithm from a *Config object. This is the only bug found in jasypt since its first release in January 24th, 2007 (7,000+ downloads from SourceForge.net so far, many more from Maven repositories). *Upgrade to 1.3.1 is not strictly required for 1.3 users unless they are directly affected by this bug*. Have a look at the *features <http://www.jasypt.org/features.html>*. Regards, Daniel. |
From:
<dfe...@us...> - 2007-05-14 02:56:50
|
Jasypt 1.3 has just been released. New in this version: * A new open provider API which will allow the use of non-default JCE providers like Bouncy Castle <http://www.bouncycastle.org>. With this, any PBE or digest algorithm you can get from any JCE provider is available for you to use with Jasypt. * A new web PBE configuration system for avoiding storing encryption passwords in files in web applications, and instead asking the authorised admin for these passwords through a web form each time the application is deployed. * Ability to output Strings encoded in hexadecimal besides BASE64. Regards, Daniel. |
From:
<dfe...@us...> - 2007-04-26 06:42:05
|
A new article has been posted to the Jasypt web site, which is a detailed tutorial about how password encryption should be done at webapps and also applications of other kinds. The given explanations are valid not only for Java, but for any other technologies. You can read it here: http://www.jasypt.org/howtoencryptuserpasswords.html Regards, Daniel. |
From:
<dfe...@us...> - 2007-04-09 23:51:12
|
Jasypt (Java Simplified Encryption) is a library aimed at providing developers a simple way to add encryption capabilities to their projects including: password digesting, text/binary encryption, Hibernate transparent encryption and Spring Security (ACEGI) integration. What's new in 1.2: * Number encryption support. * New and more flexible salt generation infrastructure. * Refactored and enhanced easy API (util package). * Greatly enhanced Hibernate integration: * Easier configuration. * Support for encryption of new data types: texts, binaries, numeric types, booleans, dates... * Refactored and enhanced Spring Security (ACEGI) integration support. * New and updated documentation. Visit the project's page at: http://www.jasypt.org |
From:
<dfe...@us...> - 2007-02-24 18:23:13
|
Jasypt (Java Simplified Encryption) 1.1 has been just released. This release adds a "jasypt-spring-security" module for supporting integration into Spring Security (ACEGI) enabled applications, new encryption utilities and advanced configuration features. Changelog for this version: * [jasypt-spring-security] Added the Spring Security (Acegi Security [http://www.acegisecurity.org]) integration module. * [jasypt] Added org.jasypt.util.StrongPasswordEncryptor as a /util/ class for easy password encryption using a stronger algorithm. * [jasypt] Added org.jasypt.util.MessageDigester as a /util/ class for creating simple binary message digests. * [jasypt] Added org.jasypt.digest.config.EnvironmentDigesterConfig and org.jasypt.encryption.pbe.config.EnvironmentPBEConfig for configuration of encryptors and digesters using environment variables and system properties. * [jasypt] Objects of class org.jasypt.util.PasswordEncryptor now initialize their internal StandardStringDigester at instance creation. * [jasypt] Made org.jasypt.digest.config.DigesterConfig and org.jasypt.encryption.pbe.config.PBEConfig extend java.io.Serializable For more information, see http://www.jasypt.org |
From:
<dfe...@us...> - 2007-02-09 01:47:23
|