Thanks, we will update to carbon-identity_5.0.3-SNAPSHOT and check. On Tue, Nov 17, 2015 at 5:07 PM, Pushpalanka Jayawardhana <la...@wso2.com> wrote:
> Hi Nuwan, > > We have done a immediate fix for the issue(by Darshana) with PR : > https://github.com/wso2/carbon-identity/pull/1432. > > Thanks, > Pushpalanka. > -- > Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). > Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ > Mobile: +94779716248 > Blog: pushpalankajaya.blogspot.com/ | LinkedIn: > lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka > > > On Tue, Nov 17, 2015 at 3:30 PM, Pushpalanka Jayawardhana <la...@wso2.com> > wrote: > >> Hi Nuwan, >> >> We are going forward with not encrypting the consumer key. Started >> working on this will be tracked via [1]. >> There are few more encryption concerns related to session store and >> authorization code storage as well. Will provide the details of the >> approach to be taken ASAP. >> >> [1] - https://wso2.org/jira/browse/IDENTITY-4088 >> >> Thanks, >> Pushpalanka. >> -- >> Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). >> Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ >> Mobile: +94779716248 >> Blog: pushpalankajaya.blogspot.com/ | LinkedIn: >> lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka >> >> >> On Tue, Nov 17, 2015 at 10:39 AM, Nuwan Dias <nuw...@wso2.com> wrote: >> >>> Hi IS folks, >>> >>> We talked about avoiding the encryption of the consumer key to avoid the >>> issue originally raised on this mail thread. Are we going ahead with that >>> decision? It still encrypts it on carbon-identity_5.0.2 release. >>> >>> Please note that this results in a blocking issue for the release of API >>> Manager 1.10.0. Therefore we either need to stop encrypting it altogether >>> or find another solution for this problem. And we need it ASAP :) >>> >>> Thanks, >>> NuwanD. >>> >>> On Tue, Oct 20, 2015 at 2:38 PM, Nuwan Dias <nuw...@wso2.com> wrote: >>> >>>> Hi, >>>> >>>> When we enable key encryption for OAuth keys, the clientId is encrypted >>>> in the IDN_OAUTH_CONSUMER_APPS table. But it is left in plain text in the >>>> INBOUND_AUTH_KEY column of the SP_INBOUND_AUTH table. This happens in >>>> carbon-identity_4.6.0-M2 release. Should not values in both columns be >>>> encrypted? >>>> >>>> Thanks, >>>> NuwanD. >>>> >>>> -- >>>> Nuwan Dias >>>> >>>> Technical Lead - WSO2, Inc. http://wso2.com >>>> email : nuw...@wso2.com >>>> Phone : +94 777 775 729 >>>> >>> >>> >>> >>> -- >>> Nuwan Dias >>> >>> Technical Lead - WSO2, Inc. http://wso2.com >>> email : nuw...@wso2.com >>> Phone : +94 777 775 729 >>> >>> _______________________________________________ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> > -- Nuwan Dias Technical Lead - WSO2, Inc. http://wso2.com email : nuw...@wso2.com Phone : +94 777 775 729
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
