[overlord-issues] [JBoss JIRA] (SRAMP-384) Add validation for password in overlord commons installer
Eric Wittmann (JIRA)
issues at jboss.org
Fri Mar 21 10:46:12 EDT 2014
[ https://issues.jboss.org/browse/SRAMP-384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Eric Wittmann reassigned SRAMP-384:
-----------------------------------
Assignee: David virgil naranjo (was: Eric Wittmann)
> Add validation for password in overlord commons installer
> ---------------------------------------------------------
>
> Key: SRAMP-384
> URL: https://issues.jboss.org/browse/SRAMP-384
> Project: S-RAMP
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Reporter: Eric Wittmann
> Assignee: David virgil naranjo
> Fix For: 0.5.0 - API Management
>
>
> Currently the overlord commons installer is responsible for doing all security related work. This includes creating the overlord 'admin' user and configured a password for this user. The installer prompts the user for this password and then passes whatever the user entered to the JBoss EAP add-user utility. This utility will fail if the password does not meet certain standards. However, the utility fails without failing the overall install.
> The installer should do its own validation of the password entered by the user so that this silent failure doesn't happen. Also note that the password input and validation should happen before anything else security related gets installed.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the overlord-issues
mailing list