[
https://issues.apache.org/jira/browse/OFBIZ-10751?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16929746#comment-16929746 ]
Jacques Le Roux commented on OFBIZ-10751:
-----------------------------------------
Addes a link to OWASP documentation at r1866936
> Document how to store the JWT secret key
> ----------------------------------------
>
> Key: OFBIZ-10751
> URL:
https://issues.apache.org/jira/browse/OFBIZ-10751> Project: OFBiz
> Issue Type: Sub-task
> Components: framework
> Reporter: Jacques Le Roux
> Assignee: Jacques Le Roux
> Priority: Major
> Fix For: Upcoming Branch
>
>
> AS discussed in dev ML at
https://markmail.org/message/dtjnu7fdi5noeagk and previously in OFBIZ-9833 & OFBIZ-10307 we want to document how to store the JWT secret key. We agreed about keeping it as a property OOTB; and giving a link from the security properties file to suggest how to better do it in production.
> Remains to create the documentation and link to it. I believe an .adoc document in security component fits.
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
Locked
