Bug 1018747 - dtgov.properties - passwords stored in plaintext
Summary: dtgov.properties - passwords stored in plaintext
Keywords:
Status: CLOSED DUPLICATE of bug 991557
Alias: None
Product: JBoss Fuse Service Works 6
Classification: JBoss
Component: DT Governance
Version: 6.0.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Eric Wittmann
QA Contact: Jiri Sedlacek
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-10-14 11:07 UTC by ppecka
Modified: 2015-08-02 23:45 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-10-15 01:16:37 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description ppecka 2013-10-14 11:07:22 UTC 
Description of problem:
Using installer I was able to find DTGov password stored as PLAINTEXT in ../standalone/configuration/dtgov.properties, ../dtgov-sramp-repo-seed-cli-commands.txt, ../standalone/configuration/overlord-idp-users.properties

Version-Release number of selected component (if applicable):
soa-6.0.0-ER4-3


Steps to Reproduce:
1. java -jar jboss-eap-6.0.0.fsw.ci-installer.jar
2. grep -rli "<PASSWORDPROVIDED>" ./jboss-eap-6.1


Actual results:
../dtgov-sramp-repo-seed-cli-commands.txt:connect http://localhost:8080/s-ramp-server admin <PASSWORDPROVIDED>
../standalone/configuration/dtgov.properties:sramp.repo.password<PASSWORDPROVIDED>
../standalone/configuration/dtgov.properties:governance.bpm.password=<PASSWORDPROVIDED>
../standalone/configuration/dtgov.properties:governance.password=<PASSWORDPROVIDED>
../standalone/configuration/overlord-idp-users.properties:admin=<PASSWORDPROVIDED>


Expected results:


Additional info:
Comment 1 Len DiMaggio 2013-10-15 01:16:37 UTC 

*** This bug has been marked as a duplicate of bug 991557 ***
Note You need to log in before you can comment on or make changes to this bug.