Hello Jira Masters,
The database password for Jira is stored in plain text in dbconfig.xml and this could be a security leak for us.
Could you please tell me if there is any solution to encrypt the data base password or use an integrated authentication?
Thanks you !
Achraf Bziouech
Software Developer, Java Apps Team
E-mail : abziouech@codix.tn
Mobile : +216 53 33 84 73
I just make the file only readable by the service account that runs jira. On my systems that account doesn't have interactive login rights, so you need sudo to modify the file. And sudo is locked to trusted users only.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
As of Jira 8.3, you can now encrypt the database password.
Instructions are available here: https://confluence.atlassian.com/jiracore/encrypting-database-password-975040997.html
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.