[GitHub] geode pull request #578: GEODE-1958: Removing PasswordUtil

Tue, 13 Jun 2017 10:19:59 -0700 

GitHub user YehEmily opened a pull request:

    https://github.com/apache/geode/pull/578

    GEODE-1958: Removing PasswordUtil

    [View the original JIRA ticket 
here.](https://issues.apache.org/jira/browse/GEODE-1958)
    
    `PasswordUtil.java` contained methods used to encrypt a password to be 
stored in `cache.xml`, which was an unsafe way to handle security. As a result, 
most methods in `PasswordUtil.java` were removed _except_ `decrypt(String 
password)`, since we want to maintain backwards compatibility. `decrypt(String 
password)` has been deprecated, and references to encrypting passwords have 
been removed.
    
    Thank you for submitting a contribution to Apache Geode.
    
    In order to streamline the review of the contribution we ask you
    to ensure the following steps have been taken:
    
    ### For all changes:
    - [ ] Is there a JIRA ticket associated with this PR? Is it referenced in 
the commit message?
    
    - [ ] Has your PR been rebased against the latest commit within the target 
branch (typically `develop`)?
    
    - [ ] Is your initial contribution a single, squashed commit?
    
    - [ ] Does `gradlew build` run cleanly?
    
    - [ ] Have you written or updated unit tests to verify your changes?
    
    - [ ] If adding new dependencies to the code, are these dependencies 
licensed in a way that is compatible for inclusion under [ASF 
2.0](http://www.apache.org/legal/resolved.html#category-a)?
    
    ### Note:
    Please ensure that once the PR is submitted, you check travis-ci for build 
issues and
    submit an update to your PR as soon as possible. If you need help, please 
send an
    email to [email protected].


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/YehEmily/geode GEODE-1958-v3

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/geode/pull/578.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #578
    
----
commit 2f08e08fa7fec127324ee47a338d331bf059bbf6
Author: YehEmily <[email protected]>
Date:   2017-06-12T18:42:15Z

    GEODE-1958: Working on removing PasswordUtil and all related commands, 
classes, etc. Keeping decrypt() method to maintain backwards compatibility.

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---

Reply via email to