You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@fineract.apache.org by "Mihaly Dallos (Jira)" <ji...@apache.org> on 2022/12/09 08:36:00 UTC
[jira] [Created] (FINERACT-1830) Improve tenant separation and security
Mihaly Dallos created FINERACT-1830:
---------------------------------------
Summary: Improve tenant separation and security
Key: FINERACT-1830
URL: https://issues.apache.org/jira/browse/FINERACT-1830
Project: Apache Fineract
Issue Type: New Feature
Reporter: Mihaly Dallos
{*}Goal{*}: Prevent tenant access other talents data and improve security by eliminating plane text password storage.
{*}Proposed solution{*}:
* authentication per tenant
* get tenant database credentials from an external secret store
{*}Benefit{*}: Increased security and privacy.
{panel}
*(!) This is a breaking change*
{panel}
{panel}
*Acceptance Criteria*
# Credentials encoded and not available for non-authorised access.
# Old password are removed from database
# Tenants migrated on dev/test environment
# Migration plan is available
{panel}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)