[CAS] Configuration files protection in a production environment


Davide Malacrida

Jan 21, 2021, 10:54:29 AM1/21/21
to CAS Community

Hello everyone,

Lately we have been working on a locally deployed instance of Apereo CAS, in order to study the product a bit. We have the following doubt regarding how configuration files should be treated when deploying Apereo CAS in a real production environment:

In order to keep configuration files safe from being read and/or manipulated by an external attacker, we have basically encrypted every <key:value> pair with a symmetric key, which is shared with Apereo CAS itself. With this solution Apereo CAS can still access the configuration files when it starts, but if someone manages to get into the VM where the product is installed, he won’t be able to do anything with the files because they are encrypted.

However, we have decided to take this route just because this particular instance of the product is deployed locally and is used only for learning purposes. I have read online that sometimes when deploying in a real production environment, a good practice is to keep the configuration files in an external encrypted DB. The product can then be configured to gather these files from the external DB when it starts. I was wondering, is this considered a best practice when it comes to Apereo CAS (and most importantly, is this feature supported)? Also, are there any other best practices which you would suggest to use with Apereo CAS when it comes to protecting configuration files in a real production environment?

Thanks for your help,

Davide Malacrida

IAM Functional Analyst

Ray Bon

Jan 21, 2021, 1:48:12 PM1/21/21
to cas-...@apereo.org
Davide,

We use the cas config server (spring cloud config). It has tools to encrypt secrets.

I remember someone on the list had a different solution to what you are asking but I can not find it at the moment nor remember what it was, but I liked it.

Some searching in the archives should find it.

Ray


-- 
Ray Bon
Programmer Analyst
Development Services, University Systems

I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations.
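Both posts above describe the same pattern: each sensitive property value is encrypted under a symmetric key that the server holds, and is decrypted when the configuration is loaded. Spring Cloud Config, which Ray mentions, marks such values with a `{cipher}` prefix and exposes encrypt/decrypt endpoints on the config server. The program below is an added example written for this thread, not code from CAS, Spring Cloud Config, or either poster: it uses AES-256-GCM (chosen here for the authentication tag; it is not Spring's own encryptor), a constructed demo key, and illustrative property names, and shows the check a practitioner wants from such a scheme: a wrong key or a tampered value must refuse to load rather than yield a wrong plaintext.

```go
package main

import (
	"bufio"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// cipherPrefix marks an encrypted property value, following the {cipher}
// convention of Spring Cloud Config. The encryption below is AES-256-GCM,
// chosen for this example; it is not Spring's own symmetric encryptor.
const cipherPrefix = "{cipher}"

// newAEAD builds an AES-256-GCM AEAD from a 32-byte key.
func newAEAD(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, errors.New("key must be 32 bytes (AES-256)")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptValue encrypts one property value and returns
// "{cipher}" + base64(nonce || ciphertext || tag).
func EncryptValue(key []byte, plaintext string) (string, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	ct := aead.Seal(nil, nonce, []byte(plaintext), nil)
	return cipherPrefix + base64.StdEncoding.EncodeToString(append(nonce, ct...)), nil
}

// DecryptValue reverses EncryptValue. A wrong key or a modified value fails
// the GCM tag check and returns an error instead of garbage.
func DecryptValue(key []byte, value string) (string, error) {
	if !strings.HasPrefix(value, cipherPrefix) {
		return "", errors.New("value is not marked {cipher}")
	}
	raw, err := base64.StdEncoding.DecodeString(strings.TrimPrefix(value, cipherPrefix))
	if err != nil {
		return "", err
	}
	aead, err := newAEAD(key)
	if err != nil {
		return "", err
	}
	ns := aead.NonceSize()
	if len(raw) < ns+aead.Overhead() {
		return "", errors.New("ciphertext too short")
	}
	pt, err := aead.Open(nil, raw[:ns], raw[ns:], nil)
	if err != nil {
		return "", fmt.Errorf("decrypt failed (wrong key or tampered value): %w", err)
	}
	return string(pt), nil
}

// LoadProperties parses key=value lines the way a properties file is read at
// startup, decrypting every {cipher} value and passing the rest through.
// Any failure aborts the whole load: a half-decrypted configuration is worse
// than a refused start.
func LoadProperties(key []byte, text string) (map[string]string, error) {
	props := map[string]string{}
	sc := bufio.NewScanner(strings.NewReader(text))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		kv := strings.SplitN(line, "=", 2)
		if len(kv) != 2 {
			return nil, fmt.Errorf("malformed line: %q", line)
		}
		k, v := strings.TrimSpace(kv[0]), strings.TrimSpace(kv[1])
		if strings.HasPrefix(v, cipherPrefix) {
			pt, err := DecryptValue(key, v)
			if err != nil {
				return nil, fmt.Errorf("%s: %w", k, err)
			}
			v = pt
		}
		props[k] = v
	}
	return props, sc.Err()
}

func main() {
	// Constructed demo key. In a deployment the key comes from outside the
	// properties file (environment variable, root-only key file, or a KMS),
	// never from the file it protects.
	key := []byte("0123456789abcdef0123456789abcdef")
	enc, err := EncryptValue(key, "ldap-bind-password")
	if err != nil {
		panic(err)
	}
	// Constructed properties fragment; the property names are illustrative.
	cfg := "cas.server.name=https://cas.example.org\n" +
		"cas.authn.ldap[0].bind-credential=" + enc + "\n"
	props, err := LoadProperties(key, cfg)
	fmt.Println(props, err)
	// A different key must fail the load, not return a wrong plaintext.
	_, err = LoadProperties([]byte("ffffffffffffffffffffffffffffffff"), cfg)
	fmt.Println("wrong key:", err)
}
```

What this scheme buys is protection of the file on its own: in backups, in a configuration repository, or when read by an account that cannot reach the key. It does not protect against someone who obtains the same access as the CAS service account on the VM, since that process must be able to read the key; keeping the key outside the properties file, readable only by that account, and moving secrets to a config server or vault are the ways to raise that bar.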

Davide Malacrida

Jan 25, 2021, 3:10:30 AM1/25/21
to CAS Community, Ray Bon
Interesting suggestions, I'll look if I can find the solution you mentioned.

Thank you, Ray.

Davide Malacrida
