I have successfully configured SecurityFilter with the remember-me login configuration as shown in the example configuration file [securityfilter-2.0-src\web\rememberme\WEB-INF\securityfilter-config.xml].
Now I would like to create custom keys for my application. Obviously using the default keys provided in the example is not secure given they are not private. However, I cannot find any documentation or mailing list topics with instructions on how to generate the encryptionKey and validationKey.
I have included my remember-me login configuration for reference:
<remember-me
    className="org.securityfilter.authenticator.persistent.DefaultPersistentLoginManager">
    <remember-me-param name="cookieLife" value="15" />
    <remember-me-param name="protection" value="all" />
    <remember-me-param name="useIP" value="false" />
    <remember-me-param name="encryptionAlgorithm" value="DES" />
    <remember-me-param name="encryptionMode" value="ECB" />
    <remember-me-param name="encryptionPadding" value="PKCS5Padding" />
    <!-- encryption keys; customize for each application -->
    <!-- NOTE: these keys must be specified AFTER other encryption settings -->
    <remember-me-param name="validationKey" value="347382902489402489754895734890347" />
    <remember-me-param name="encryptionKey" value="347892347028490237487846240673842" />
</remember-me>
Regards,
Warner