[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=163766#action_163766
]
Oleg Gusakov commented on MNG-553:
--
*settings-security.xml* - root tag renamed to *settingsSecurity*
>
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162949#action_162949
]
Oleg Gusakov commented on MNG-553:
--
Final name - *settings-security.xml*
I left a snapshot in the trun
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162786#action_162786
]
Oleg Gusakov commented on MNG-553:
--
Looks like the name *sec.xml* is too short and may be confusing. Ch
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162735#action_162735
]
Oleg Gusakov commented on MNG-553:
--
Joerg wrote:
{quote}
However, the main problem IMHO was that with e
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162728#action_162728
]
Oleg Gusakov commented on MNG-553:
--
Now I understand the concern.
Yes - it may fail on a plaintext pas
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162723#action_162723
]
Joerg Schaible commented on MNG-553:
I did not have a real problem using a plain password in .m2/set
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162709#action_162709
]
Oleg Gusakov commented on MNG-553:
--
Will fix the util - thank you!
*{*}* - please be more specific. P
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162646#action_162646
]
Benjamin Bentmann commented on MNG-553:
---
Some comments:
{{SecUtil.read()}} leaks file handles in
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162630#action_162630
]
Oleg Gusakov commented on MNG-553:
--
everything is fixed, waiting for central sync before committing cha
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162622#action_162622
]
Oleg Gusakov commented on MNG-553:
--
Exception encrypting a regular password - fixing ...
> Secure Sto
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162620#action_162620
]
Oleg Gusakov commented on MNG-553:
--
Implemented solution is manual for now, I will add automation plugi
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162112#action_162112
]
Oleg Gusakov commented on MNG-553:
--
I started adding this to 2.1 trunk
> Secure Storage of Server Pass
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=147617#action_147617
]
Haikal Saadh commented on MNG-553:
--
Another "Keychain integration would be nice on MacOS X" comment.
>
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=145297#action_145297
]
Brett Porter commented on MNG-553:
--
as long as one implementation uses a Java keystore, you can use the
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=145294#action_145294
]
Ringo De Smet commented on MNG-553:
---
On Mac OS X, I would really like to see the passwords stored in t
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=145141#action_145141
]
Paul Benedict commented on MNG-553:
---
I think we should go for the full kitchen sink solution. We shoul
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=145130#action_145130
]
Maria Odea Ching commented on MNG-553:
--
I made some updates in the design docs:
http://docs.codeha
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=144751#action_144751
]
Maria Odea Ching commented on MNG-553:
--
Ok, thanks for pointing that out Heinrich. I'll create a se
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=144487#action_144487
]
Brett Porter commented on MNG-553:
--
I think it is worth having both capabilities - perhaps the obfuscat
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=144485#action_144485
]
Heinrich Nirschl commented on MNG-553:
--
the original report was asking for increased security. Pass
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=144475#action_144475
]
Maria Odea Ching commented on MNG-553:
--
I made an initial draft on how to implement this issue, ple
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17#action_17
]
Maria Odea Ching commented on MNG-553:
--
Ok, thanks Brett. I'll see what I can come up for this..
>
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=144399#action_144399
]
Brett Porter commented on MNG-553:
--
Sorry Deng, I didn't get that done.
My suggestion would be to come
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=144373#action_144373
]
Maria Odea Ching commented on MNG-553:
--
Is there a design document for this available somewhere? :)
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_128021
]
Douglas Kaminsky commented on MNG-553:
--
Any traction on this issue? Been over 2 years since it's been reported.
> Secure S
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_106556
]
Scott Wintermute commented on MNG-553:
--
I am thrilled to hear and see this issue will be looked into. I agree with
others
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_98292
]
Gustavo Almeida commented on MNG-553:
-
Even storing encrypted password is considered insecure by some
organizations/individu
[
http://jira.codehaus.org/browse/MNG-553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_96012
]
Oliver Siegmar commented on MNG-553:
Also note, that at least Java6 has support for reading passwords without
echoing it to
28 matches
Mail list logo
