[JBoss JIRA] (AS7-2678) Don't include a usable default user in the config - enabling this user undermines switching security on in the first place.
4:43 a.m.
Don't include a usable default user in the config - enabling this user undermines
switching security on in the first place.
---------------------------------------------------------------------------------------------------------------------------
Key: AS7-2678
URL: https://issues.jboss.org/browse/AS7-2678
Project: Application Server 7
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Critical
Fix For: 7.1.0.Beta1
We need a line in the file to demonstrate the format of a user but having a default
working user with a password undermines the security we are enabling by default is
guessing the password is simple.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:13 a.m.
[
https://issues.jboss.org/browse/AS7-2678?page=com.atlassian.jira.plugin.s...
]
Brian Stansberry updated AS7-2678:
----------------------------------
Fix Version/s: 7.1.0.CR1
(was: 7.1.0.Beta1)
IMO this is not critical for Beta1.
Besides the immediate Beta1 scheduling question, I don't think we should do this until
we are comfortable that we have a very user friendly solution for dealing with the
implications of being locked down by default. That is, uncommenting this line is currently
the easiest way to get a working dev system and we shouldn't disable it until the
newer ways like $local clearly work well.
Don't include a usable default user in the config - enabling this
user undermines switching security on in the first place.
---------------------------------------------------------------------------------------------------------------------------
Key: AS7-2678
URL: https://issues.jboss.org/browse/AS7-2678
Project: Application Server 7
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Critical
Fix For: 7.1.0.CR1
We need a line in the file to demonstrate the format of a user but having a default
working user with a password undermines the security we are enabling by default is
guessing the password is simple.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:37 a.m.
[
https://issues.jboss.org/browse/AS7-2678?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse updated AS7-2678:
----------------------------------
Fix Version/s: 7.1.0.Beta1
(was: 7.1.0.CR1)
Don't include a usable default user in the config - enabling this
user undermines switching security on in the first place.
---------------------------------------------------------------------------------------------------------------------------
Key: AS7-2678
URL: https://issues.jboss.org/browse/AS7-2678
Project: Application Server 7
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Critical
Fix For: 7.1.0.Beta1
We need a line in the file to demonstrate the format of a user but having a default
working user with a password undermines the security we are enabling by default is
guessing the password is simple.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
2:55 p.m.
[
https://issues.jboss.org/browse/AS7-2678?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse resolved AS7-2678.
-----------------------------------
Resolution: Done
https://github.com/jbossas/jboss-as/commit/78fd5ef4d42ac1fe9e6d8b64a5bea9...
Don't include a usable default user in the config - enabling this
user undermines switching security on in the first place.
---------------------------------------------------------------------------------------------------------------------------
Key: AS7-2678
URL: https://issues.jboss.org/browse/AS7-2678
Project: Application Server 7
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Critical
Fix For: 7.1.0.Beta1
We need a line in the file to demonstrate the format of a user but having a default
working user with a password undermines the security we are enabling by default is
guessing the password is simple.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
5325
days inactive
5330
days old
3 comments
4 participants
participants (4)
-
Brian Stansberry (Updated) (JIRA) -
Darran Lofthouse (Created) (JIRA)
-
Darran Lofthouse (Resolved) (JIRA)
-
Darran Lofthouse (Updated) (JIRA)