You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@geronimo.apache.org by "Rex Wang (JIRA)" <ji...@apache.org> on 2010/10/14 04:39:33 UTC

[jira] Commented: (GERONIMO-5401) Geronimo encrypts empty passwords

    [ https://issues.apache.org/jira/browse/GERONIMO-5401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12920834#action_12920834 ] 

Rex Wang commented on GERONIMO-5401:
------------------------------------

fix for 22 @ revision 1022362
fix for 30 @ revision 1022363

-Rex

> Geronimo encrypts empty passwords
> ---------------------------------
>
>                 Key: GERONIMO-5401
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-5401
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: databases
>    Affects Versions: 2.1.5
>         Environment: Geronimo tomcat assembly.
>            Reporter: Ashish Jain
>            Assignee: Ashish Jain
>             Fix For: 2.1.7, 2.2.1, 3.0
>
>
> This can be observed as follows
> 1) Create a test db pool with empty passwords. I had used derby embedded xa.
> 2) Deploy it.
> 3) Check the config.ser. You can see a password string encrypted with {Simple} or {Configured}.
> The same behavior can be seen for SystemDatasource.
> This behavior is misleading.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.