[
http://jira.codehaus.org/browse/MRM-821?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James William Dumay closed MRM-821.
-----------------------------------
Resolution: Won't Fix
Felipe,
I have to agree with Adrian on this. If Archiva encrypted the passwords in its
configuration file it would still need to store the private key to decrypt the
configuration file - most likely in the configuration directory.
Thanks for reporting.
James
> Encrypt network proxy password on archiva.xml
> ---------------------------------------------
>
> Key: MRM-821
> URL: http://jira.codehaus.org/browse/MRM-821
> Project: Archiva
> Issue Type: Improvement
> Components: remote proxy
> Affects Versions: 1.0.2
> Environment: ANY
> Reporter: Felipe Requeno
> Assignee: James William Dumay
>
> It is common to most of companies to provide Internet Services through
> network proxies. But it is unlikely to have anonymous access on such nodes.
> Archiva stores passwords in a plain text format, generating a security risk
> or security flaw.
> It is really critical to have a encrypted password on Archiva's configuration
> file.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
