Description of problem: Version-Release number of selected component (if applicable): How reproducible: * 6.0.0.ER4 Steps to Reproduce: 1. Install FSW & generate installation script 2. Inspect InstallSummary.html, generated installation script & .installationinformation Actual results: * All of the 3 files contain passwords for BPEL Console & DTGov in plain text. Expected results: Additional info:
Post beta builds will not display this information.
Looking at the generated xml file. This issue is still not fixed. Password for admin user is hashed - that is good, but FSW admin password is still stored in plaintext. Reopening.
*** Bug 1043380 has been marked as a duplicate of this bug. ***
*** Bug 1044556 has been marked as a duplicate of this bug. ***
Verified in CR1.
The vault password is still stored in InstallationLog.txt (vault.keystorepwd) in plain text. Tested in CR1. Steps to Reproduce: 1. Installation with additional configuration 2. Check Install password vault 3. All others is default
My mistake, good catch Tomas. Fixed for CR2.
Keystore passwords should no longer be stored in the log. http://git.app.eng.bos.redhat.com/installer-commons.git/commit/?h=6.1.1.ip&id=a4e8bceb9cec42a0e07b299cff769826806eb03d
Verified in CR2