Uploaded image for project: 'JIRA Server (including JIRA Core)'
  1. JIRA Server (including JIRA Core)
  2. JRASERVER-31004

Encrypt Database Password in dbconfig.xml or use integrated authentication

    XMLWordPrintable

    Details

    • Feedback Policy:
      We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see An updated workflow for server feature suggestions.
    • Current Status:
      Hide
      Atlassian Update – 2 April 2019

      Hi everyone,

      We’re currently working on a way to let you store encrypted database password in the dbconfig.xml file.

      We’ll provide the following two major functionalities:

      • A command-line interface (CLI) tool will encrypt the plain-text password using our default obfuscation, or your own cryptography library.
      • Jira will decrypt the password using either our default obfuscation or your own cryptography library.

      Jira will still use the plain-text password to connect to the database, but it will not be stored as plain text in the config file.

      We’d love to hear your feedback, so please share your thoughts in the comments!

      Katarzyna Derenda
      Jira Server Product Management

      Show
      Atlassian Update – 2 April 2019 Hi everyone, We’re currently working on a way to let you store encrypted database password in the dbconfig.xml file. We’ll provide the following two major functionalities: A command-line interface (CLI) tool will encrypt the plain-text password using our default obfuscation, or your own cryptography library. Jira will decrypt the password using either our default obfuscation or your own cryptography library. Jira will still use the plain-text password to connect to the database, but it will not be stored as plain text in the config file. We’d love to hear your feedback, so please share your thoughts in the comments! Katarzyna Derenda Jira Server Product Management
    • UIS:
      401

      Description

      NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion.

      JIRA should Encrypt the database password since it's in plain text in the dbconfig.xml file or it could use the integrated authentication with the databases such as MSSQL database.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                nwroblewska Natalia Wroblewska
                Reporter:
                rgadami Rodrigo Adami
              • Votes:
                169 Vote for this issue
                Watchers:
                167 Start watching this issue

                Dates

                • Created:
                  Updated: