3:48 a.m.
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:33 a.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Rob Stryker commented on JBIDE-10490:
-------------------------------------
Having a hard time coming up with ways to ensure this is correct and secure, really.
Unfortunately, the methods where we set a password are only performed on working copies of
the server. For example, in the editor. Editors obviously must be saved to persist the
changes. However there is no servertools API to get a delta when a server object has
changed. We can't know what keys have changed, and we can't respond to the change.
Not really.
If a user is editing something in the server editor, such as credentials, I only really
have two options. I can save the new username / password combo every time they push a
keystroke. This, obviously, does not go along with the idea of a working copy at all.
It'd be persisting changes before the user has saved the editor, and, if the user
cancels the editor without saving, we have no way to reverse it.
The other option is to only store it inside the server in plain text, as is done now.
Then, on a server save, get the value stored in the server, put it into secure storage,
and clear it from the server object.
Both of these seem absolutely 100% horrible.
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
12:52 p.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Rob Stryker commented on JBIDE-10490:
-------------------------------------
I've just tried a whole collection of different workarounds and hit dead-ends at
almost every turn. I tried changing the implementation of JBossServer to store in a
regular variable the new value until the server has been saved. Even this could fail if
two different pieces of code created a working copy at the same time, I thoght it was
worth a shot. Unfortunately, the editor for some reason cannot convert the
IServerWorkingCOpy into a JBossServer to access this method. At this point in the editor,
it never seems to convert properly, which is why almost all other "sections" are
using a ServerAttributeHelper to set properties inside the server.
I tried separating it out into a further utility class, single-use class, kinda ugly, but
even then, there were too many deficiencies. For example if a user changes something in
the editor, but in the end does not save it, this utility class will keep the
changed-but-not-saved value. The next save, on any part of the server model, will also
have it persist this, even if password wasn't changed on the next edit.
There are entirely too many deficiencies here...
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
1:11 p.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Rob Stryker commented on JBIDE-10490:
-------------------------------------
The first page in a server editor is called the OverviewEditorPart. When this page is
saved, no action is taken. The individual sections are not alerted to this save event. A
previous bug (or design flaw) years ago in WTP made it so additional pages (such as our
deployment page) would not be allerted on a doSave(etc) either, but I submitted a patch
to wtp to fix that. Now, each page is alerted, but individual sections are not.
This means that if we had a separate page for credentials, a page under our control
(instead of OverviewEditorPart, which is directly instantiated), we might be able to take
more custom action on a save event to ensure that secure storage is made use of.
Currently, however, with credentials on the OverviewEditorPart, it is not possible without
nearly destroying the codebase nad making it extremely fragile.
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:09 p.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Rob Stryker commented on JBIDE-10490:
-------------------------------------
I've opened a new bug in wtp, but of course there's no guarantee when it'll
make it in. I added a patch, but, we can't depend on this patch when designing our UI
sadly.
https://bugs.eclipse.org/bugs/show_bug.cgi?id=367460
This patch would allow sections to store data in other models. Unfortunately it's not
possible now.
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:59 a.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Max Rydahl Andersen commented on JBIDE-10490:
---------------------------------------------
why not just save/edit username in the field and only handle password in the actual
username/password dialog which can store in the secure storage when user checks "Save
password" checkbox ?
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
1:56 a.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Rob Stryker commented on JBIDE-10490:
-------------------------------------
Patch committed to milestones in eclipse semes to fix the editor issue:
https://bugs.eclipse.org/bugs/show_bug.cgi?id=367460
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
2:45 a.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Max Rydahl Andersen commented on JBIDE-10490:
---------------------------------------------
Why not just not show the password in the server editor ? Just have a reset button for the
secure storage storage.
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
2:09 p.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Nick Boldt commented on JBIDE-10490:
------------------------------------
Reqs mirror updated. TP coming up next:
http://hudson.qa.jboss.com/hudson/job/jbosstools-3.3_trunk.target-platfor...
http://hudson.qa.jboss.com/hudson/job/devstudio-5.0_trunk.target-platform...
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
2:15 p.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Nick Boldt edited comment on JBIDE-10490 at 1/17/12 3:14 PM:
-------------------------------------------------------------
Reqs mirror updated. TP coming up next:
http://hudson.qa.jboss.com/hudson/job/jbosstools-3.3_trunk.target-platfor... (oops, had
to push updated composite metadata to server. D'oh.)
http://hudson.qa.jboss.com/hudson/job/devstudio-5.0_trunk.target-platform...
was (Author: nickboldt):
Reqs mirror updated. TP coming up next:
http://hudson.qa.jboss.com/hudson/job/jbosstools-3.3_trunk.target-platfor...
http://hudson.qa.jboss.com/hudson/job/devstudio-5.0_trunk.target-platform...
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:25 p.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Nick Boldt commented on JBIDE-10490:
------------------------------------
OK, TP is respun. However you need to compile/commit/test this, please start your
engines.
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:46 p.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Denis Golovin commented on JBIDE-10490:
---------------------------------------
New storage password request blocks tests execution for as component, that's why we
have about 70 tests less and longer test execution time
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:52 p.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Denis Golovin updated JBIDE-10490:
----------------------------------
Attachment: screenshot-storage-password-request.png
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
Attachments: screenshot-storage-password-request.png
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:52 p.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Denis Golovin commented on JBIDE-10490:
---------------------------------------
Another minor problem with this dialog is size in case path to storage location is long
enough, see attached screenshot !screenshot-storage-password-request.png|thumbnail!
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
Attachments: screenshot-storage-password-request.png
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:52 p.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Denis Golovin edited comment on JBIDE-10490 at 1/18/12 4:51 PM:
----------------------------------------------------------------
Another minor problem with this dialog is size in case path to storage location is long
enough, see attached screenshot
!screenshot-storage-password-request.png|thumbnail!
was (Author: dgolovin):
Another minor problem with this dialog is size in case path to storage location is
long enough, see attached screenshot !screenshot-storage-password-request.png|thumbnail!
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
Attachments: screenshot-storage-password-request.png
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
1:26 a.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Max Rydahl Andersen commented on JBIDE-10490:
---------------------------------------------
...and additionaly, why is this secure storage within .as6 location ?! shouldn't this
be in the already existing secure location managed by eclipse ?
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
Attachments: screenshot-storage-password-request.png
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:37 a.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Rob Stryker commented on JBIDE-10490:
-------------------------------------
Dennis: Any suggestion how to make sure it doesn't block?
Max: storage has been moved to default storage location
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
Attachments: screenshot-storage-password-request.png
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:40 a.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Denis Golovin commented on JBIDE-10490:
---------------------------------------
it depends what is forced it to pop up. If you are trying to test dialog itself I would
suggest make it none modal. If it is just a side effect of last fixes I would suggest
option in preferences or system property to suppress it.
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
Attachments: screenshot-storage-password-request.png
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:27 a.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Max Rydahl Andersen commented on JBIDE-10490:
---------------------------------------------
its a password dialog so its required only when password is needed - which tests has that
requirement today?
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
Attachments: screenshot-storage-password-request.png
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:32 a.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Max Rydahl Andersen commented on JBIDE-10490:
---------------------------------------------
btw. example of system property related to "hide dialogs" are:
jface enables these by default when running in headless mode, not sure how actually ;)
org.eclipse.jface.dialogsErrorDialog.AUTOMATED_MODE
org.eclipse.jface.util.SafeRunnable.get/setIgnoreErrors
our own usage tracking has:
usage_reporting_enabled
and WTP also have one related to approving license of xsd/dtd downloads
wtp.autotest.noninteractive
...but for this case I do not understand why any tests would trigger this since they
don't require username/passwords afaik.
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
Attachments: screenshot-storage-password-request.png
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:06 a.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Rob Stryker commented on JBIDE-10490:
-------------------------------------
Found the stack:
at org.eclipse.equinox.internal.security.storage.SecurePreferencesWrappe
r.put(SecurePreferencesWrapper.java:110)
at org.jboss.ide.eclipse.as.core.util.ServerUtil.storeInSecureStorage(Se
rverUtil.java:208)
at org.jboss.ide.eclipse.as.test.server.ServerSecureStorageTest.testServ
erSecureStorage(ServerSecureStorageTest.java:30)
Seems testing the secure storage is what's initiating this debacle...
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
Attachments: screenshot-storage-password-request.png
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
1:13 a.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Rob Stryker resolved JBIDE-10490.
---------------------------------
Resolution: Done
Well, this specific issue is resolved. I could not find a way to actually test secure
storage with credentials (or forcing a no-credential flag), so i finally just disabled hte
test. Finally have a good build after a week or so of bad stuff.
ALl manual tests indicate secure storage functions properly.
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
Attachments: screenshot-storage-password-request.png
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
7:16 a.m.
[
https://issues.jboss.org/browse/JBIDE-10490?page=com.atlassian.jira.plugi...
]
Martin Malina closed JBIDE-10490.
---------------------------------
Verified in jbdevstudio-product-universal-5.0.0.v201202250031M-H77-Beta1.jar
do not store server passwords in plain text
-------------------------------------------
Key: JBIDE-10490
URL: https://issues.jboss.org/browse/JBIDE-10490
Project: Tools (JBoss Tools)
Issue Type: Bug
Components: JBossAS/Servers
Reporter: Max Rydahl Andersen
Assignee: Rob Stryker
Priority: Blocker
Fix For: 3.3.0.Beta1
Attachments: screenshot-storage-password-request.png
last time we looked at this passwords were still being stored "unsafely" -
opening this to make sure we get that fixed by using eclipse's secure storage apis
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
5144
days inactive
5225
days old
jbosstools-issues@lists.jboss.org
22 comments
8 participants
participants (8)
-
Denis Golovin (JIRA) -
Martin Malina (JIRA)
-
Max Rydahl Andersen (Commented) (JIRA)
-
Max Rydahl Andersen (Created) (JIRA)
-
Max Rydahl Andersen (JIRA)
-
Nick Boldt (JIRA)
-
Rob Stryker (Commented) (JIRA)
-
Rob Stryker (JIRA)