Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1065962

Summary: Skipping new administrative user creation creates a user with name "Username"
Product: [Retired] JBoss BRMS Platform 6 Reporter: Ivo Bek <ibek>
Component: InstallerAssignee: Francisco Canas <fcanas>
Status: CLOSED CURRENTRELEASE QA Contact: Ivo Bek <ibek>
Severity: high Docs Contact:
Priority: high    
Version: 6.0.0CC: apodhrad, fcanas, kverlaen, mtjandra, rrajasek, thauser, tlivora
Target Milestone: ER1   
Target Release: 6.0.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-08-06 19:58:36 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Prompt to overwrite or skip if eap user exists
none
Ensure username where brms is saved does not overwrite none

Description Ivo Bek 2014-02-17 12:15:01 UTC 
Description of problem:

When I install BRMS/BPMS to an existing EAP which contain a management user already and I skip new administrative user creation, the user with name "Username" is created. I believe this is a security issue.

After the installation mgmt-users.properties contain:

Username=177a8bd36cd568e20b4027eae7519e00

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Extract EAP 6.1.1
2. Install BRMS/BPMS 6.0.GA over the EAP
3. See mgmt-users.properties

Actual results:


Expected results:


Additional info:
Comment 1 Francisco Canas 2014-02-18 16:31:50 UTC 
More recent versions of the installer-commons and IzPack contain a fix for this issue. The next brms/bpms installer build will also contain it.
Comment 2 Miles Tjandrawidjaja 2014-02-19 20:29:45 UTC 
Created attachment 865199 [details]
Prompt to overwrite or skip if eap user exists
Comment 3 Miles Tjandrawidjaja 2014-02-19 20:30:49 UTC 
Created attachment 865200 [details]
Ensure username where brms is saved does not overwrite
Comment 4 Andrej Podhradsky 2014-02-27 08:49:01 UTC 
Verified with 6.0.1.ER1