You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@isis.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2022/04/08 11:53:00 UTC

[jira] [Commented] (ISIS-2995) IsisModuleSecurityBypass does not avoid BCrypt

    [ https://issues.apache.org/jira/browse/ISIS-2995?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17519533#comment-17519533 ] 

ASF subversion and git services commented on ISIS-2995:
-------------------------------------------------------

Commit e36b9c58e0a3949a2656e5c7ebf4f9fa536aadd1 in isis's branch refs/heads/master from Andi Huber
[ https://gitbox.apache.org/repos/asf?p=isis.git;h=e36b9c58e0 ]

ISIS-2995: don't run into situation where we need to generate UUIDs for
unidentifiable objects

> IsisModuleSecurityBypass does not avoid BCrypt 
> -----------------------------------------------
>
>                 Key: ISIS-2995
>                 URL: https://issues.apache.org/jira/browse/ISIS-2995
>             Project: Isis
>          Issue Type: Bug
>          Components: Isis Core
>    Affects Versions: 2.0.0-M7
>            Reporter: Jörg Rade
>            Assignee: Andi Huber
>            Priority: Major
>             Fix For: 2.0.0-RC1
>
>
> Even when IsisModuleSecurityBypass.class  is included in DemoAppWicketJpa, BCrypt action are logged to the console (using parameters:  -Xms1G -Djava.security.egd=file:///dev/./urandom -Djava.security.debug="provider,engine=SecureRandom")
> See:   https://the-asf.slack.com/archives/CFC42LWBV/p1649400664122289?thread_ts=1648577147.703919&cid=CFC42LWBV



--
This message was sent by Atlassian Jira
(v8.20.1#820001)