| Summary: | Some Quickstarts don't generate the default Admin password | ||
|---|---|---|---|
| Product: | OpenShift Online | Reporter: | Vojtech Vitek <vvitek> |
| Component: | Security | Assignee: | Dan McPherson <dmcphers> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Xiaoli Tian <xtian> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 2.x | CC: | dmueller, hripps, jechoi, jialiu, lmeyer, mfojtik, vvitek, wjiang |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-10-10 00:46:37 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Bug Depends On: | 1012981 | ||
| Bug Blocks: | |||
|
Description
Vojtech Vitek
2013-09-30 15:24:06 UTC
Blocked by cartridge_actions.rb#post_configure CLIENT_RESULT functionality to be able to show the generated password to the users as mentioned in bug 1012981 comment 1. I fixed DokuWiki recently so it generates unique password for easy installation. The problem is how you deliver the initial password to console and also what if user forget the password? Those are cases that needs to be considered, but I fully agree that this is security bug and should be fixed. Drupal fixed with https://github.com/openshift/drupal-quickstart/pull/21 https://github.com/openshift/dokuwiki-quickstart/pull/7 In Redmine, the preset password is the standard way when installing[1], it's possible to change this but it would be cause additional maintenance overhead. [1]: http://www.redmine.org/projects/redmine/wiki/RedmineInstall#Step-10-Logging-into-the-application |