You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@fineract.apache.org by "Francis Guchie (Jira)" <ji...@apache.org> on 2022/08/31 10:18:00 UTC
[jira] [Comment Edited] (FINERACT-1653) Security Threat Cannot boot Apache Fineract if database is not on local host and password is not the default
[ https://issues.apache.org/jira/browse/FINERACT-1653?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17598303#comment-17598303 ]
Francis Guchie edited comment on FINERACT-1653 at 8/31/22 10:17 AM:
--------------------------------------------------------------------
[~arnold]
I have not used any env Variables - kindly advise on how to go about this - I think i missed something, env rings a bell but i have not used any in 1.7.0 and am yet to test 1.8.0 (was thinking of going straight for 1.8.0)
please note that these are 2 issues in one
1- I want to have the db in a different place (RDBMS)
2- I want to have the default credentials changed to my liking
was (Author: francisguchie):
[~arnold]
I have not used any env Variables - kindly advise on how to go about this - I think i missed something, env rings a bell but i have not used any in 1.7.0 and am yet to test 1.8.0 (was thinking of going straight for 1.8.0)
> Security Threat Cannot boot Apache Fineract if database is not on local host and password is not the default
> ------------------------------------------------------------------------------------------------------------
>
> Key: FINERACT-1653
> URL: https://issues.apache.org/jira/browse/FINERACT-1653
> Project: Apache Fineract
> Issue Type: Bug
> Affects Versions: 1.7.0
> Reporter: Francis Guchie
> Assignee: Francis Guchie
> Priority: Major
> Fix For: 1.0.0, 1.1.0, 1.2.0, 1.3.0, 1.4.0, 1.5.0, 1.6.0
>
>
> As a user, i would like to setup apache fineract in a live production where the database server is separate from the ui server with a different root password from usual.
> In the latest release, 1.7.0, there is a pre-compiled jar by the names of fineract-provider-1.5.1-0d5bace3-plain.jar which is used during boot up of Apache-Fineract.
> As such, the user gets an error shown below ( amongst others )
> Error creating bean with name '(inner bean)#10ee8a73':
> Cannot resolve reference to bean 'entityManagerFactory' while setting constructor argument; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'tenantDatabaseUpgradeService' defined in URL [jar:file:{*}/usr/share/tomcat9/webapps/fineract-provider/WEB-INF/lib/fineract-provider-1.5.1-0d5bace3-plain.jar{*}!
> /org/apache/fineract/infrastructure/core/service/migration/TenantDatabaseUpgradeService.class]: Unsatisfied dependency expressed through constructor parameter 0;
> nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'jdbcTenantDetailsService'
> defined in URL [jar:file:/{*}usr/share/tomcat9/webapps/fineract-provider/WEB-INF/lib/fineract-provider-1.5.1-0d5bace3-plain.jar!{*}
> this means users will not be able to deploy Mifos without using the default root password and if they have the database and ui on different servers.
> IN release 1.6.0, tomcat deployment users had the opportunity to edit the following files after a first boot up when the war file is deployed (
> *......webapps/fineract-provider/WEB-INF/classes/META-INF/spring/jdbc.properties*
> *.....webapps/fineract-provider/WEB-INF/classes/META-INF/spring/hikariDataSource.xml*
--
This message was sent by Atlassian Jira
(v8.20.10#820010)