When you create a new organization in RHN Satellite v5.1.0, the administrator password is stored in plain text into the web_customer table. That field isn't even used, we should drop the column from our DB entirely. In Spacewalk 0.1, the Java code does not pass in a password to the call to the stored proc: create_new_org. But the database column is still there. This is related to Satellite's bug 450038 and bug 453664.
Fix committed: a6a0b3864af0ccd52dcaae121bf070a36d8f6a1a.
Plus fix: cd62f73a778af286132e27b6ff41377ab1618327
SQL> desc web_customer; Name Null? Type ----------------------------------------- -------- ---------------------------- ID NOT NULL NUMBER NAME NOT NULL VARCHAR2(128) ORACLE_CUSTOMER_ID NUMBER ORACLE_CUSTOMER_NUMBER NUMBER CUSTOMER_TYPE NOT NULL CHAR(1) CREDIT_APPLICATION_COMPLETED VARCHAR2(1) CREATED NOT NULL DATE MODIFIED NOT NULL DATE SQL> Verified against spacewalk 0.2.
Spacewalk is released for long time.