[
https://issues.apache.org/jira/browse/FINCN-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17064764#comment-17064764
]
Juhan Aasaru commented on FINCN-188:
------------------------------------
The risk is quite low because:
* provisioner doesn't have to be running all the time - only when system is
set up or new micro services are added. In the meanwhile it can be shut down.
* provisioner doesn't have to be available from the internet - it receives
commands from in-house
> Make provisioner initial password configurable
> ----------------------------------------------
>
> Key: FINCN-188
> URL: https://issues.apache.org/jira/browse/FINCN-188
> Project: Fineract Cloud Native
> Issue Type: Improvement
> Reporter: Juhan Aasaru
> Priority: Major
> Labels: volunteer
>
> The password of initial user 'wepemnefret' is hard-coded:
> [https://github.com/apache/fineract-cn-provisioner/blob/develop/service/src/main/java/org/apache/fineract/cn/provisioner/config/ProvisionerConstants.java#L24]
> provisioner should be configured so that this can be provided in app
> configuration (but should default to currently hard-coded value by default)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
