Description of problem: In the ActivityClient quickstart POM file, the password is currently shown in cleartext. Is this the case in other quickstarts too? Expected solution: Passwords should be hashed and the password should be stored in the keystore. Justification: As noted from field engineers, even the use of cleartext passwords only in the quickstarts would result in a failed security audit for many of our customers.
Gary, can you take a look at the RTGov quickstarts and then assign back to me?
Only the ActivityClient sample required a username/password - the user is now prompted to enter this information, so is no longer stored.
Verified in ER7
Gary Brown <gary> updated the status of jira RTGOV-310 to Closed