[jboss-jira] [JBoss JIRA] (JBRULES-2856) Encrypted passwords in the change-set.xml
RH Bugzilla Integration (JIRA)
jira-events at lists.jboss.org
Thu Jun 7 23:53:18 EDT 2012
[ https://issues.jboss.org/browse/JBRULES-2856?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12700035#comment-12700035 ]
RH Bugzilla Integration commented on JBRULES-2856:
--------------------------------------------------
lcarlon <lcarlon at redhat.com> made a comment on [bug 724616|https://bugzilla.redhat.com/show_bug.cgi?id=724616]
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
The drools client API accesses JBoss BRMS by credentials declared as plain-text in change-set.xml or property files. A request has been mode to develop a mechanism to obfuscate the password.
> Encrypted passwords in the change-set.xml
> -----------------------------------------
>
> Key: JBRULES-2856
> URL: https://issues.jboss.org/browse/JBRULES-2856
> Project: Drools
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Affects Versions: 5.1.1.FINAL
> Environment: fedora 12, jdk 1.6, drools 5.1.0 expert
> Reporter: Alessandro Lazarotti
> Assignee: Mark Proctor
>
> Currently the drools client API access Guvnor by creditials declared as plain-text in change-set.xml or property files. This is a security problem for many companies. Is very important develop a mechanism to obfuscate the password
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list