Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Encrypt Database Password in dbconfig.xml

achref_bziouech
achref_bziouech October 20, 2017

Hello Jira Masters,


The database password for Jira is stored in plain text in dbconfig.xml and this could be a security leak for us.


Could you please tell me if there is any solution to encrypt the data base password or use an integrated authentication?

Thanks you !

 

 Achraf Bziouech

Software Developer,  Java Apps Team


E-mail  :        abziouech@codix.tn
Mobile :        +216 53 33 84 73

Answer
Watch
Like Be the first to like this
2529 views

3 answers

2 votes
josh
josh
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 20, 2017

I just make the file only readable by the service account that runs jira. On my systems that account doesn't have interactive login rights, so you need sudo to modify the file. And sudo is locked to trusted users only.

Reply
2 votes
Pieter Custers
Pieter Custers October 20, 2017

I think you can find your answer here: https://jira.atlassian.com/browse/JRASERVER-31004

Reply
0 votes
Richard Cross
Richard Cross November 20, 2019

As of Jira 8.3, you can now encrypt the database password.

Instructions are available here: https://confluence.atlassian.com/jiracore/encrypting-database-password-975040997.html 

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events