You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Charles Llewellyn (JIRA)" <ji...@apache.org> on 2015/03/24 15:35:03 UTC
[jira] [Created] (AMBARI-10192) Encrypt all passwords
Charles Llewellyn created AMBARI-10192:
------------------------------------------
Summary: Encrypt all passwords
Key: AMBARI-10192
URL: https://issues.apache.org/jira/browse/AMBARI-10192
Project: Ambari
Issue Type: Improvement
Components: ambari-web
Affects Versions: 1.6.1
Reporter: Charles Llewellyn
Priority: Minor
Hi,
We recently had a pen test conducted against Ambari. One of the issues highlighted was being able to return the Nagios password in clear text via the API. Is it possible to encrypt the password to prevent this behavior?
Thanks
Charlie
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)