Red Hat Bugzilla – Bug 994697
BPEL Console should not have passwords in plaintext
Last modified: 2015-08-02 19:44:19 EDT
user/password configuration file for bpel-console contains passwords in plaintext, this can be security issue.
Also, this file is in standalone/deployments/switchyard-bpel-console-server.war/WEB-INF/classes directory, it should be on some more convenient place.
Changed to use 'other' security domain so leverage application users defined within the app server.
verified in ER2
How to set user for bpel console should be documented - user has to have 'administrator' role.