Red Hat Bugzilla – Bug 1021309
Password should not be in cleartext
Last modified: 2014-07-02 05:18:45 EDT
Description of problem:
In the ActivityClient quickstart POM file, the password is currently shown in cleartext. Is this the case in other quickstarts too?
Passwords should be hashed and the password should be stored in the keystore.
As noted from field engineers, even the use of cleartext passwords only in the quickstarts would result in a failed security audit for many of our customers.
Gary, can you take a look at the RTGov quickstarts and then assign back to me?
Only the ActivityClient sample required a username/password - the user is now prompted to enter this information, so is no longer stored.
Verified in ER7
Gary Brown <firstname.lastname@example.org> updated the status of jira RTGOV-310 to Closed