keystorePass attribute on TomcatWebSSLConnector GBean should be
encrypted/obscured
----------------------------------------------------------------------------------
Key: GERONIMO-4927
URL: https://issues.apache.org/jira/browse/GERONIMO-4927
Project: Geronimo
Issue Type: Bug
Security Level: public (Regular issues)
Affects Versions: 2.2, 3.0
Reporter: Kevan Miller
Fix For: 2.1.5, 2.2, 3.0
keystorePass does not conform to the current convention for
encrypting/obscuring GBean attributes. Currently, attribute names with
'password' will be encrypted.
We should either recognize keystorePass as an attribute requiring encryption or
add a new keystorePassword attribute and start using that (with some
appropriate migration logic, if a 'keystorePass' is configured). I guess I
prefer the latter option. Other opinions?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
