[overlord-issues] [JBoss JIRA] (SRAMP-380) Passwords in clear text when running in Fuse 6.1

Eric Wittmann created SRAMP-380: ----------------------------------- Summary: Passwords in clear text when running in Fuse 6.1 Key: SRAMP-380 URL: https://issues.jboss.org/browse/SRAMP-380 Project: S-RAMP Issue Type: Bug Security Level: Public (Everyone can see) Reporter: Eric Wittmann Assignee: Kurt Stam When we install into JBoss EAP we make sure that we don't have any clear text passwords in any configuration files. This is made possible by using the Vault, which allows us to store passwords in the vault and then refer to those vault locations from our config files. I don't know if there is something similar to be done in Fuse 6.1 In addition, the login credentials for supported users in EAP are not stored in clear text (the EAP Application Realm config files store an encrypted version of the passwords). In Fuse 6.1 we are storing the login user credentials in a users.properties file in clear text. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira