You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@fineract.apache.org by "Mihaly Dallos (Jira)" <ji...@apache.org> on 2022/12/09 08:36:00 UTC

[jira] [Created] (FINERACT-1830) Improve tenant separation and security

Mihaly Dallos created FINERACT-1830:
---------------------------------------

             Summary: Improve tenant separation and security
                 Key: FINERACT-1830
                 URL: https://issues.apache.org/jira/browse/FINERACT-1830
             Project: Apache Fineract
          Issue Type: New Feature
            Reporter: Mihaly Dallos


{*}Goal{*}: Prevent tenant access other talents data and improve security by eliminating plane text password storage.

{*}Proposed solution{*}:
 * authentication per tenant

 * get tenant database credentials from an external secret store

{*}Benefit{*}: Increased security and privacy.
{panel}
 *(!) This is a breaking change* 
{panel}
{panel}
*Acceptance Criteria*
 # Credentials encoded and not available for non-authorised access.

 # Old password are removed from database

 # Tenants migrated on dev/test environment

 # Migration plan is available
{panel}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)