[JBoss JIRA] Created: (GTNPORTAL-1606) HTTPS protection of login and password changes

[JBoss JIRA] Created:...

Bill Elliot (JIRA)

Wednesday, 27 October 2010 Wed, 27 Oct '10

11:38 a.m.

HTTPS protection of login and password changes ---------------------------------------------- Key: GTNPORTAL-1606 URL: https://jira.jboss.org/browse/GTNPORTAL-1606 Project: GateIn Portal Issue Type: Feature Request Security Level: Public (Everyone can see) Affects Versions: 3.1.0-GA Reporter: Bill Elliot It is good security practice to use HTTPS when having the user enter any sensitive information like passwords. Can we have the portal modified so that the login and password change screens are placed into HTTPS mode, if HTTPS has been configured. Personally I would not be using a site that does not use HTTPS for login. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

Show replies by date

kien nguyen (JIRA)

Wednesday, 9 March Wed, 9 Mar

6:04 a.m.

New subject: [JBoss JIRA] Updated: (GTNPORTAL-1606) HTTPS protection of login and password changes

[ https://issues.jboss.org/browse/GTNPORTAL-1606?page=com.atlassian.jira.pl... ] kien nguyen updated GTNPORTAL-1606: ----------------------------------- Original Estimate: 1 day Remaining Estimate: 1 day

...

HTTPS protection of login and password changes ---------------------------------------------- Key: GTNPORTAL-1606 URL: https://issues.jboss.org/browse/GTNPORTAL-1606 Project: GateIn Portal Issue Type: Feature Request Security Level: Public(Everyone can see) Affects Versions: 3.1.0-GA Reporter: Bill Elliot Labels: portal-s49 Original Estimate: 1 day Remaining Estimate: 1 day It is good security practice to use HTTPS when having the user enter any sensitive information like passwords. Can we have the portal modified so that the login and password change screens are placed into HTTPS mode, if HTTPS has been configured. Personally I would not be using a site that does not use HTTPS for login.

-- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

Minh Hoang TO (JIRA)

Monday, 14 March Mon, 14 Mar

9:20 p.m.

New subject: [JBoss JIRA] Assigned: (GTNPORTAL-1606) HTTPS protection of login and password changes

[ https://issues.jboss.org/browse/GTNPORTAL-1606?page=com.atlassian.jira.pl... ] Minh Hoang TO reassigned GTNPORTAL-1606: ---------------------------------------- Assignee: Minh Hoang TO

...

HTTPS protection of login and password changes ---------------------------------------------- Key: GTNPORTAL-1606 URL: https://issues.jboss.org/browse/GTNPORTAL-1606 Project: GateIn Portal Issue Type: Feature Request Security Level: Public(Everyone can see) Affects Versions: 3.1.0-GA Reporter: Bill Elliot Assignee: Minh Hoang TO Labels: portal-s49 Original Estimate: 1 day Remaining Estimate: 1 day It is good security practice to use HTTPS when having the user enter any sensitive information like passwords. Can we have the portal modified so that the login and password change screens are placed into HTTPS mode, if HTTPS has been configured. Personally I would not be using a site that does not use HTTPS for login.

-- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

Minh Hoang TO (JIRA)

Tuesday, 15 March Tue, 15 Mar

1:51 a.m.

New subject: [JBoss JIRA] Work started: (GTNPORTAL-1606) HTTPS protection of login and password changes

[ https://issues.jboss.org/browse/GTNPORTAL-1606?page=com.atlassian.jira.pl... ] Work on GTNPORTAL-1606 started by Minh Hoang TO.

...

HTTPS protection of login and password changes ---------------------------------------------- Key: GTNPORTAL-1606 URL: https://issues.jboss.org/browse/GTNPORTAL-1606 Project: GateIn Portal Issue Type: Feature Request Security Level: Public(Everyone can see) Affects Versions: 3.1.0-GA Reporter: Bill Elliot Assignee: Minh Hoang TO Labels: portal-s49 Original Estimate: 1 day Remaining Estimate: 1 day It is good security practice to use HTTPS when having the user enter any sensitive information like passwords. Can we have the portal modified so that the login and password change screens are placed into HTTPS mode, if HTTPS has been configured. Personally I would not be using a site that does not use HTTPS for login.

-- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

Minh Hoang TO (JIRA)

8:55 p.m.

New subject: [JBoss JIRA] Commented: (GTNPORTAL-1606) HTTPS protection of login and password changes

[ https://issues.jboss.org/browse/GTNPORTAL-1606?page=com.atlassian.jira.pl... ] Minh Hoang TO commented on GTNPORTAL-1606: ------------------------------------------ The solution is to create a servlet filter that modifies request scheme then sends a redirect response. The filter should follows pattern of GenericFilter to support extension mechanism

...

HTTPS protection of login and password changes ---------------------------------------------- Key: GTNPORTAL-1606 URL: https://issues.jboss.org/browse/GTNPORTAL-1606 Project: GateIn Portal Issue Type: Feature Request Security Level: Public(Everyone can see) Affects Versions: 3.1.0-GA Reporter: Bill Elliot Assignee: Minh Hoang TO Labels: portal-s49 Original Estimate: 1 day Remaining Estimate: 1 day It is good security practice to use HTTPS when having the user enter any sensitive information like passwords. Can we have the portal modified so that the login and password change screens are placed into HTTPS mode, if HTTPS has been configured. Personally I would not be using a site that does not use HTTPS for login.

-- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

Minh Hoang TO (JIRA)

10:08 p.m.

New subject: [JBoss JIRA] Work stopped: (GTNPORTAL-1606) HTTPS protection of login and password changes

[ https://issues.jboss.org/browse/GTNPORTAL-1606?page=com.atlassian.jira.pl... ] Work on GTNPORTAL-1606 stopped by Minh Hoang TO.

...

HTTPS protection of login and password changes ---------------------------------------------- Key: GTNPORTAL-1606 URL: https://issues.jboss.org/browse/GTNPORTAL-1606 Project: GateIn Portal Issue Type: Feature Request Security Level: Public(Everyone can see) Affects Versions: 3.1.0-GA Reporter: Bill Elliot Assignee: Minh Hoang TO Labels: portal-s49, worked Original Estimate: 1 day Remaining Estimate: 1 day It is good security practice to use HTTPS when having the user enter any sensitive information like passwords. Can we have the portal modified so that the login and password change screens are placed into HTTPS mode, if HTTPS has been configured. Personally I would not be using a site that does not use HTTPS for login.

-- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

Minh Hoang TO (JIRA)

10:08 p.m.

New subject: [JBoss JIRA] Work logged: (GTNPORTAL-1606) HTTPS protection of login and password changes

[ https://issues.jboss.org/browse/GTNPORTAL-1606?page=com.atlassian.jira.pl... ] Minh Hoang TO logged work on GTNPORTAL-1606: -------------------------------------------- Author: Minh Hoang TO Created on: 15/Mar/11 11:08 PM Start Date: 15/Mar/11 11:08 PM Worklog Time Spent: 6 hours Issue Time Tracking ------------------- Remaining Estimate: 2 hours (was: 1 day) Time Spent: 6 hours Worklog Id: (was: 12423856)

...

HTTPS protection of login and password changes ---------------------------------------------- Key: GTNPORTAL-1606 URL: https://issues.jboss.org/browse/GTNPORTAL-1606 Project: GateIn Portal Issue Type: Feature Request Security Level: Public(Everyone can see) Affects Versions: 3.1.0-GA Reporter: Bill Elliot Assignee: Minh Hoang TO Labels: portal-s49, worked Original Estimate: 1 day Time Spent: 6 hours Remaining Estimate: 2 hours It is good security practice to use HTTPS when having the user enter any sensitive information like passwords. Can we have the portal modified so that the login and password change screens are placed into HTTPS mode, if HTTPS has been configured. Personally I would not be using a site that does not use HTTPS for login.

-- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

Minh Hoang TO (JIRA)

10:08 p.m.

New subject: [JBoss JIRA] Updated: (GTNPORTAL-1606) HTTPS protection of login and password changes

[ https://issues.jboss.org/browse/GTNPORTAL-1606?page=com.atlassian.jira.pl... ] Minh Hoang TO updated GTNPORTAL-1606: ------------------------------------- Labels: portal-s49 worked (was: portal-s49)

...

HTTPS protection of login and password changes ---------------------------------------------- Key: GTNPORTAL-1606 URL: https://issues.jboss.org/browse/GTNPORTAL-1606 Project: GateIn Portal Issue Type: Feature Request Security Level: Public(Everyone can see) Affects Versions: 3.1.0-GA Reporter: Bill Elliot Assignee: Minh Hoang TO Labels: portal-s49, worked Original Estimate: 1 day Time Spent: 6 hours Remaining Estimate: 2 hours It is good security practice to use HTTPS when having the user enter any sensitive information like passwords. Can we have the portal modified so that the login and password change screens are placed into HTTPS mode, if HTTPS has been configured. Personally I would not be using a site that does not use HTTPS for login.

-- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

Boleslaw Dawidowicz (JIRA)

Friday, 27 July Fri, 27 Jul

5:30 p.m.

New subject: [JBoss JIRA] (GTNPORTAL-1606) HTTPS protection of login and password changes

[ https://issues.jboss.org/browse/GTNPORTAL-1606?page=com.atlassian.jira.pl... ] Boleslaw Dawidowicz closed GTNPORTAL-1606. ------------------------------------------ Resolution: Out of Date Should be verified in gatein master and reopened if still valid

...

HTTPS protection of login and password changes ---------------------------------------------- Key: GTNPORTAL-1606 URL: https://issues.jboss.org/browse/GTNPORTAL-1606 Project: GateIn Portal Issue Type: Feature Request Security Level: Public(Everyone can see) Affects Versions: 3.1.0-GA Reporter: Bill Elliot Assignee: Minh Hoang TO Labels: portal-s49, worked Original Estimate: 1 day Time Spent: 6 hours Remaining Estimate: 2 hours It is good security practice to use HTTPS when having the user enter any sensitive information like passwords. Can we have the portal modified so that the login and password change screens are placed into HTTPS mode, if HTTPS has been configured. Personally I would not be using a site that does not use HTTPS for login.

-- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira

4548

days inactive

5187

days old

gatein-issues@lists.jboss.org

Manage subscription

8 comments

4 participants

tags (0)

participants (4)

Bill Elliot (JIRA)
Boleslaw Dawidowicz (JIRA)
kien nguyen (JIRA)
Minh Hoang TO (JIRA)

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

[JBoss JIRA] Created: (GTNPORTAL-1606) HTTPS protection of login and password changes