July 2014 - overlord-issues - Jboss List Archives

[JBoss JIRA] (SRAMP-515) overlord commons installer saml password filtering

by Eric Wittmann (JIRA)

[ https://issues.jboss.org/browse/SRAMP-515?page=com.atlassian.jira.plugin.... ] Eric Wittmann reassigned SRAMP-515: ----------------------------------- Assignee: Eric Wittmann (was: David virgil naranjo) > overlord commons installer saml password filtering > -------------------------------------------------- > > Key: SRAMP-515 > URL: https://issues.jboss.org/browse/SRAMP-515 > Project: S-RAMP > Issue Type: Feature Request > Security Level: Public(Everyone can see) > Reporter: David virgil naranjo > Assignee: Eric Wittmann > Fix For: 0.5.0 > > > The filtering in the overlord-commons installer for the properties saml-keystore password and saml-keystore alias password is not getting done in the overlord.properties file. -- This message was sent by Atlassian JIRA (v6.2.6#6264)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SRAMP-515) overlord commons installer saml password filtering

by Eric Wittmann (JIRA)

[ https://issues.jboss.org/browse/SRAMP-515?page=com.atlassian.jira.plugin.... ] Eric Wittmann commented on SRAMP-515: ------------------------------------- This was discovered to be broken in the Beta2 release. I fixed it: https://github.com/Governance/overlord-commons/commit/e562254238330348a1b... > overlord commons installer saml password filtering > -------------------------------------------------- > > Key: SRAMP-515 > URL: https://issues.jboss.org/browse/SRAMP-515 > Project: S-RAMP > Issue Type: Feature Request > Security Level: Public(Everyone can see) > Reporter: David virgil naranjo > Assignee: Eric Wittmann > Fix For: 0.5.0 > > > The filtering in the overlord-commons installer for the properties saml-keystore password and saml-keystore alias password is not getting done in the overlord.properties file. -- This message was sent by Atlassian JIRA (v6.2.6#6264)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SRAMP-515) overlord commons installer saml password filtering

by Brett Meyer (JIRA)

[ https://issues.jboss.org/browse/SRAMP-515?page=com.atlassian.jira.plugin.... ] Brett Meyer updated SRAMP-515: ------------------------------ Git Pull Request: https://github.com/Governance/overlord-commons/pull/87 > overlord commons installer saml password filtering > -------------------------------------------------- > > Key: SRAMP-515 > URL: https://issues.jboss.org/browse/SRAMP-515 > Project: S-RAMP > Issue Type: Feature Request > Security Level: Public(Everyone can see) > Reporter: David virgil naranjo > Assignee: David virgil naranjo > > The filtering in the overlord-commons installer for the properties saml-keystore password and saml-keystore alias password is not getting done in the overlord.properties file. -- This message was sent by Atlassian JIRA (v6.2.6#6264)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SRAMP-515) overlord commons installer saml password filtering

by Brett Meyer (JIRA)

[ https://issues.jboss.org/browse/SRAMP-515?page=com.atlassian.jira.plugin.... ] Brett Meyer resolved SRAMP-515. ------------------------------- Fix Version/s: 0.5.0 Resolution: Done > overlord commons installer saml password filtering > -------------------------------------------------- > > Key: SRAMP-515 > URL: https://issues.jboss.org/browse/SRAMP-515 > Project: S-RAMP > Issue Type: Feature Request > Security Level: Public(Everyone can see) > Reporter: David virgil naranjo > Assignee: David virgil naranjo > Fix For: 0.5.0 > > > The filtering in the overlord-commons installer for the properties saml-keystore password and saml-keystore alias password is not getting done in the overlord.properties file. -- This message was sent by Atlassian JIRA (v6.2.6#6264)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SRAMP-490) Remove version overrides for plugins (inherit from jboss-parent)

by Eric Wittmann (JIRA)

[ https://issues.jboss.org/browse/SRAMP-490?page=com.atlassian.jira.plugin.... ] Eric Wittmann resolved SRAMP-490. --------------------------------- Resolution: Done Now resolved for overlord commons as well as dtgov. > Remove version overrides for plugins (inherit from jboss-parent) > ---------------------------------------------------------------- > > Key: SRAMP-490 > URL: https://issues.jboss.org/browse/SRAMP-490 > Project: S-RAMP > Issue Type: Task > Security Level: Public(Everyone can see) > Reporter: Eric Wittmann > Assignee: Eric Wittmann > Fix For: 0.5.0 > > > In some cases we are overriding the versions of plugins in various projects (overlord-commons, s-ramp, dtgov). > We should remove any version overrides unless they are actually necessary. I don't know of any required overrides, so I think they can all be removed. -- This message was sent by Atlassian JIRA (v6.2.6#6264)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SRAMP-489) Remove newlines from WAR bundle classpaths in pom.xml files

by Eric Wittmann (JIRA)

[ https://issues.jboss.org/browse/SRAMP-489?page=com.atlassian.jira.plugin.... ] Eric Wittmann resolved SRAMP-489. --------------------------------- Resolution: Done Also this commit in overlord-commons: https://github.com/Governance/overlord-commons/commit/e562254238330348a1b... > Remove newlines from WAR bundle classpaths in pom.xml files > ----------------------------------------------------------- > > Key: SRAMP-489 > URL: https://issues.jboss.org/browse/SRAMP-489 > Project: S-RAMP > Issue Type: Task > Security Level: Public(Everyone can see) > Reporter: Eric Wittmann > Assignee: Eric Wittmann > Fix For: 0.5.0 > > > We use the WAR plugin to add manifest entries to support osgi in all our WARs. Currently the import packages, export packages, and bundle classpath all have newlines in their content. This is throwing off the maven pipeline for certain versions of the war plugin. > Remove all newlines from pom.xml bundle entries. > Do this for all projects: overlord-commons, s-ramp, dtgov. -- This message was sent by Atlassian JIRA (v6.2.6#6264)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SRAMP-380) Passwords in clear text when running in Fuse 6.1

by Brett Meyer (JIRA)

[ https://issues.jboss.org/browse/SRAMP-380?page=com.atlassian.jira.plugin.... ] Brett Meyer updated SRAMP-380: ------------------------------ Fix Version/s: 0.5.0 (was: 0.6.0) > Passwords in clear text when running in Fuse 6.1 > ------------------------------------------------ > > Key: SRAMP-380 > URL: https://issues.jboss.org/browse/SRAMP-380 > Project: S-RAMP > Issue Type: Bug > Security Level: Public(Everyone can see) > Reporter: Eric Wittmann > Assignee: David virgil naranjo > Fix For: 0.5.0 > > > When we install into JBoss EAP we make sure that we don't have any clear text passwords in any configuration files. This is made possible by using the Vault, which allows us to store passwords in the vault and then refer to those vault locations from our config files. > I don't know if there is something similar to be done in Fuse 6.1 > In addition, the login credentials for supported users in EAP are not stored in clear text (the EAP Application Realm config files store an encrypted version of the passwords). > In Fuse 6.1 we are storing the login user credentials in a users.properties file in clear text. -- This message was sent by Atlassian JIRA (v6.2.6#6264)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SRAMP-380) Passwords in clear text when running in Fuse 6.1

by Brett Meyer (JIRA)

[ https://issues.jboss.org/browse/SRAMP-380?page=com.atlassian.jira.plugin.... ] Brett Meyer commented on SRAMP-380: ----------------------------------- [~virchete], just a heads up, we may need to make this a priority for 0.5.0.Final... > Passwords in clear text when running in Fuse 6.1 > ------------------------------------------------ > > Key: SRAMP-380 > URL: https://issues.jboss.org/browse/SRAMP-380 > Project: S-RAMP > Issue Type: Bug > Security Level: Public(Everyone can see) > Reporter: Eric Wittmann > Assignee: David virgil naranjo > Fix For: 0.5.0 > > > When we install into JBoss EAP we make sure that we don't have any clear text passwords in any configuration files. This is made possible by using the Vault, which allows us to store passwords in the vault and then refer to those vault locations from our config files. > I don't know if there is something similar to be done in Fuse 6.1 > In addition, the login credentials for supported users in EAP are not stored in clear text (the EAP Application Realm config files store an encrypted version of the passwords). > In Fuse 6.1 we are storing the login user credentials in a users.properties file in clear text. -- This message was sent by Atlassian JIRA (v6.2.6#6264)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SRAMP-489) Remove newlines from WAR bundle classpaths in pom.xml files

by Eric Wittmann (JIRA)

[ https://issues.jboss.org/browse/SRAMP-489?page=com.atlassian.jira.plugin.... ] Eric Wittmann reopened SRAMP-489: --------------------------------- Assignee: Eric Wittmann (was: Brett Meyer) I need to also do this for overlord commons. > Remove newlines from WAR bundle classpaths in pom.xml files > ----------------------------------------------------------- > > Key: SRAMP-489 > URL: https://issues.jboss.org/browse/SRAMP-489 > Project: S-RAMP > Issue Type: Task > Security Level: Public(Everyone can see) > Reporter: Eric Wittmann > Assignee: Eric Wittmann > Fix For: 0.5.0 > > > We use the WAR plugin to add manifest entries to support osgi in all our WARs. Currently the import packages, export packages, and bundle classpath all have newlines in their content. This is throwing off the maven pipeline for certain versions of the war plugin. > Remove all newlines from pom.xml bundle entries. > Do this for all projects: overlord-commons, s-ramp, dtgov. -- This message was sent by Atlassian JIRA (v6.2.6#6264)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (SRAMP-490) Remove version overrides for plugins (inherit from jboss-parent)

by Eric Wittmann (JIRA)

[ https://issues.jboss.org/browse/SRAMP-490?page=com.atlassian.jira.plugin.... ] Eric Wittmann reopened SRAMP-490: --------------------------------- Assignee: Eric Wittmann (was: Brett Meyer) I need to also do this for overlord commons and possibly dtgov. > Remove version overrides for plugins (inherit from jboss-parent) > ---------------------------------------------------------------- > > Key: SRAMP-490 > URL: https://issues.jboss.org/browse/SRAMP-490 > Project: S-RAMP > Issue Type: Task > Security Level: Public(Everyone can see) > Reporter: Eric Wittmann > Assignee: Eric Wittmann > Fix For: 0.5.0 > > > In some cases we are overriding the versions of plugins in various projects (overlord-commons, s-ramp, dtgov). > We should remove any version overrides unless they are actually necessary. I don't know of any required overrides, so I think they can all be removed. -- This message was sent by Atlassian JIRA (v6.2.6#6264)

10 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

overlord-issues July 2014