You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Ashish Jain (JIRA)" <ji...@apache.org> on 2010/06/24 11:24:49 UTC
[jira] Created: (GERONIMO-5401) Geronimo encrypts empty passwords
Geronimo encrypts empty passwords
---------------------------------
Key: GERONIMO-5401
URL: https://issues.apache.org/jira/browse/GERONIMO-5401
Project: Geronimo
Issue Type: Bug
Security Level: public (Regular issues)
Components: databases
Affects Versions: 2.1.5
Environment: Geronimo tomcat assembly.
Reporter: Ashish Jain
Assignee: Ashish Jain
Fix For: 2.1.7
This can be observed as follows
1) Create a test db pool with empty passwords. I had used derby embedded xa.
2) Deploy it.
3) Check the config.ser. You can see a password string encrypted with {Simple} or {Configured}.
The same behavior can be seen for SystemDatasource.
This behavior is misleading.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (GERONIMO-5401) Geronimo encrypts empty passwords
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-5401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang resolved GERONIMO-5401.
--------------------------------
Resolution: Fixed
> Geronimo encrypts empty passwords
> ---------------------------------
>
> Key: GERONIMO-5401
> URL: https://issues.apache.org/jira/browse/GERONIMO-5401
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: databases
> Affects Versions: 2.1.5
> Environment: Geronimo tomcat assembly.
> Reporter: Ashish Jain
> Assignee: Ashish Jain
> Fix For: 2.1.7, 2.2.1, 3.0
>
>
> This can be observed as follows
> 1) Create a test db pool with empty passwords. I had used derby embedded xa.
> 2) Deploy it.
> 3) Check the config.ser. You can see a password string encrypted with {Simple} or {Configured}.
> The same behavior can be seen for SystemDatasource.
> This behavior is misleading.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (GERONIMO-5401) Geronimo encrypts empty passwords
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-5401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang closed GERONIMO-5401.
------------------------------
closing it
> Geronimo encrypts empty passwords
> ---------------------------------
>
> Key: GERONIMO-5401
> URL: https://issues.apache.org/jira/browse/GERONIMO-5401
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: databases
> Affects Versions: 2.1.5
> Environment: Geronimo tomcat assembly.
> Reporter: Ashish Jain
> Assignee: Ashish Jain
> Fix For: 2.1.7, 2.2.1, 3.0
>
>
> This can be observed as follows
> 1) Create a test db pool with empty passwords. I had used derby embedded xa.
> 2) Deploy it.
> 3) Check the config.ser. You can see a password string encrypted with {Simple} or {Configured}.
> The same behavior can be seen for SystemDatasource.
> This behavior is misleading.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-5401) Geronimo encrypts empty passwords
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-5401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang updated GERONIMO-5401:
-------------------------------
Fix Version/s: 3.0
2.2.1
> Geronimo encrypts empty passwords
> ---------------------------------
>
> Key: GERONIMO-5401
> URL: https://issues.apache.org/jira/browse/GERONIMO-5401
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: databases
> Affects Versions: 2.1.5
> Environment: Geronimo tomcat assembly.
> Reporter: Ashish Jain
> Assignee: Ashish Jain
> Fix For: 2.1.7, 2.2.1, 3.0
>
>
> This can be observed as follows
> 1) Create a test db pool with empty passwords. I had used derby embedded xa.
> 2) Deploy it.
> 3) Check the config.ser. You can see a password string encrypted with {Simple} or {Configured}.
> The same behavior can be seen for SystemDatasource.
> This behavior is misleading.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-5401) Geronimo encrypts empty passwords
Posted by "Ashish Jain (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-5401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12882102#action_12882102 ]
Ashish Jain commented on GERONIMO-5401:
---------------------------------------
applied to 2.1 branch At revision: 957469
> Geronimo encrypts empty passwords
> ---------------------------------
>
> Key: GERONIMO-5401
> URL: https://issues.apache.org/jira/browse/GERONIMO-5401
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: databases
> Affects Versions: 2.1.5
> Environment: Geronimo tomcat assembly.
> Reporter: Ashish Jain
> Assignee: Ashish Jain
> Fix For: 2.1.7
>
>
> This can be observed as follows
> 1) Create a test db pool with empty passwords. I had used derby embedded xa.
> 2) Deploy it.
> 3) Check the config.ser. You can see a password string encrypted with {Simple} or {Configured}.
> The same behavior can be seen for SystemDatasource.
> This behavior is misleading.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-5401) Geronimo encrypts empty passwords
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-5401?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12920834#action_12920834 ]
Rex Wang commented on GERONIMO-5401:
------------------------------------
fix for 22 @ revision 1022362
fix for 30 @ revision 1022363
-Rex
> Geronimo encrypts empty passwords
> ---------------------------------
>
> Key: GERONIMO-5401
> URL: https://issues.apache.org/jira/browse/GERONIMO-5401
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: databases
> Affects Versions: 2.1.5
> Environment: Geronimo tomcat assembly.
> Reporter: Ashish Jain
> Assignee: Ashish Jain
> Fix For: 2.1.7, 2.2.1, 3.0
>
>
> This can be observed as follows
> 1) Create a test db pool with empty passwords. I had used derby embedded xa.
> 2) Deploy it.
> 3) Check the config.ser. You can see a password string encrypted with {Simple} or {Configured}.
> The same behavior can be seen for SystemDatasource.
> This behavior is misleading.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.