[jboss-jira] [JBoss JIRA] (JGRP-1721) AUTH and ENCRYPT protocols configured with plain text passwords
Bela Ban (JIRA)
jira-events at lists.jboss.org
Wed Oct 23 09:39:02 EDT 2013
[ https://issues.jboss.org/browse/JGRP-1721?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12824281#comment-12824281 ]
Bela Ban commented on JGRP-1721:
--------------------------------
All passwords can be set *programmatically* instead of via XML config files. When JGroups {{AUTH}} and {{ENCRYPT}} are run within EAP, I envisage that credentials, passwords, usernames etc are injected into the JGroups subsystem by EAP.
Is this still an issue ?
> AUTH and ENCRYPT protocols configured with plain text passwords
> ---------------------------------------------------------------
>
> Key: JGRP-1721
> URL: https://issues.jboss.org/browse/JGRP-1721
> Project: JGroups
> Issue Type: Bug
> Affects Versions: 3.4
> Reporter: Martin Gencur
> Assignee: Bela Ban
> Fix For: 3.5
>
>
> The following parameters of AUTH protocol are stored as plain text:
> * keystore_password
> The following parameters of ENCRYPT protocol are stored as plain text:
> * store_password
> * key_password
> Example:
> {code}
> <ENCRYPT key_store_name="defaultStore.keystore" store_password="changeit" alias="myKey"/>
> {code}
> Requirements for storing passwords: https://docspace.corp.redhat.com/docs/DOC-131628
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list