password for an entity is stored in clear text
----------------------------------------------
Key: VYSPER-267
URL: https://issues.apache.org/jira/browse/VYSPER-267
Project: VYSPER
Issue Type: Improvement
Reporter: Sasha Dolgy
password storage is in clear text. if there was a compromise, there would be a
clear text map of entities:password ... for example, in the
org.apache.vysper.xmpp.server.ServerMain class:
accountManagement.addUser("[email protected]", "password1");
Tracing the addUser method the "password" is never encrypted for storage.
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
