Mask/Encrypt credentials in configuration files

XMLWordPrintable

    • 1
    • 1

      Summary

      As for today, bamboo.cfg.xml saves the database credentials in plain text and there is no alternative to it.

      Additionally affected are:

      • <BAMBOO_INSTALL>/conf/server.xml if using a different Keystore Password for SSL
      • <BAMBOO_HOME>/xml-data/configuration/crowd.properties, if using an external Crowd.
      • <BAMBOO_HOME>/xml-data/configuration/atlassian-user.xml prior to 6.6.x Embedded Crowd
      • <BAMBOO_HOME>/xml-data/configuration/administration.xml AWS credentials for Elastic agents

      Suggested Solution

      Have a way to hide or encrypt credentials.

      Why this is important

      Security reasons.

              Assignee:
              Unassigned
              Reporter:
              Patricio (Inactive)
              Votes:
              37 Vote for this issue
              Watchers:
              16 Start watching this issue

                Created:
                Updated:
                Resolved: