I used this tutorial https://confluence.atlassian.com/doc/configuring-a-datasource-connection-937166084.html to create a data source which I can connect to from any plugins I create. I've tested the connection and everything is working fine.
My concern is regarding the safety of having my db username and passwords in plain text on my server. Is there any way I can encrypt that information in the server.xml file? If not, are there safer/more secure alternatives I can use?
We have a feature request below to support encryption of any passwords stored on the filesystem:
While a legitimate security concern, someone wouldn't be able to gain access to the server.xml file without first breaking into the file system. For this reason, you want to make sure your internal security team has protected your internal server sufficiently. Make sure that all passwords are secure, and if needed, place your server behind an internal firewall.
Please vote on the above feature request in order to show your support for such a feature, and comment with your findings and your usage case.
Take care, and do let me know if you have any further questions or concerns.
Two vulnerabilities have been published for Confluence Server and Data Center recently: March 20, 2019 CVE-2019-3395 / CVE-2019-3396 April 17, 2019 CVE-2019-3398 The goal of this article is...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events