[jira] [Updated] (FINERACT-1830) Improve tenant separation and security

[Adam Monsen (Jira)]

     [ 
https://issues.apache.org/jira/browse/FINERACT-1830?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Adam Monsen updated FINERACT-1830:
----------------------------------
    Description: 
{*}Goal{*}: Prevent tenant access other talents data and improve security by 
eliminating plain text password storage.

{*}Proposed solution{*}:
 * authentication per tenant

 * get tenant database credentials from an external secret store

{*}Benefit{*}: Increased security and privacy.
{panel}
*(!) This is a breaking change* 
{panel}
{panel}
*Acceptance Criteria*
 # Credentials encoded and not available for non-authorised access.

 # Old password are removed from database

 # Tenants migrated on dev/test environment

 # Migration plan is available{panel}

  was:
{*}Goal{*}: Prevent tenant access other talents data and improve security by 
eliminating plane text password storage.

{*}Proposed solution{*}:
 * authentication per tenant

 * get tenant database credentials from an external secret store

{*}Benefit{*}: Increased security and privacy.
{panel}
 *(!) This is a breaking change* 
{panel}
{panel}
*Acceptance Criteria*
 # Credentials encoded and not available for non-authorised access.

 # Old password are removed from database

 # Tenants migrated on dev/test environment

 # Migration plan is available
{panel}


> Improve tenant separation and security
> --------------------------------------
>
>                 Key: FINERACT-1830
>                 URL: https://issues.apache.org/jira/browse/FINERACT-1830
>             Project: Apache Fineract
>          Issue Type: New Feature
>            Reporter: Mihaly Dallos
>            Priority: Major
>              Labels: PepperSoup
>
> {*}Goal{*}: Prevent tenant access other talents data and improve security by 
> eliminating plain text password storage.
> {*}Proposed solution{*}:
>  * authentication per tenant
>  * get tenant database credentials from an external secret store
> {*}Benefit{*}: Increased security and privacy.
> {panel}
> *(!) This is a breaking change* 
> {panel}
> {panel}
> *Acceptance Criteria*
>  # Credentials encoded and not available for non-authorised access.
>  # Old password are removed from database
>  # Tenants migrated on dev/test environment
>  # Migration plan is available{panel}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)