You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Michael Osipov (JIRA)" <ji...@apache.org> on 2018/09/06 14:21:00 UTC

[jira] [Commented] (MCHANGES-395) JIRA password security

    [ https://issues.apache.org/jira/browse/MCHANGES-395?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16605838#comment-16605838 ] 

Michael Osipov commented on MCHANGES-395:
-----------------------------------------

I don't userstand what you problem is. Secrets are stored in {{settings.xml}} only.

> JIRA password security
> ----------------------
>
>                 Key: MCHANGES-395
>                 URL: https://issues.apache.org/jira/browse/MCHANGES-395
>             Project: Maven Changes Plugin
>          Issue Type: Improvement
>          Components: jira
>    Affects Versions: 2.12.1
>            Reporter: Stefan Wendelmann
>            Priority: Major
>
> May it be possible to encrypt the Jira password or to ask for it from the console?
>  
> AFAIK a there is no option in Jira to create a "special" User out of the licence for REST Calls so we have to use a real persons Account with his/her original password.
> And is the pom.xml with password saved into the jar in META-INF ? So anyone with winrar i.e. can read your Jira password in plaintext ? 
>  
> thanks in advance!



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)