Loading...

XML

Word

Printable

Type: Task
Resolution: Unresolved
Priority: Medium
Fix Version/s: None
Affects Version/s: None
Labels:
None

Last commented by user?:
true

Putting credentials in request parameters is likely to lead to those credentials being logged in access logs. Also, there are existing decent alternatives such as Basic Auth so there is absolutely no need to keep the old and insecure os_* parameters around.

causes

JRACLOUD-65287 The the os_username parameter has been blocked but it is still used in the users onboarding notifications

Closed

is related to

SER-199 Make support for os_username and os_password as url parameters require opting in

RESOLVED

Assignee:: Unassigned

Reporter:: David Black

Participants:: David Black

Votes:: 3 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 30/May/2014 12:45 AM

Updated:: 01/Apr/2017 7:43 PM

Last commented:: 10 years, 9 weeks ago

Details

Description

Attachments

Issue Links

Activity

People

Dates