svn commit: r1824855 - /ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

svn commit: r1824855 - /ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties

jleroux@apache.org
Author: jleroux
Date: Tue Feb 20 11:59:07 2018
New Revision: 1824855

URL: http://svn.apache.org/viewvc?rev=1824855&view=rev
Log:
Reverted: Secure the login.secret_key_string
(OFBIZ-9966)

I forgot to revert this part; I guess got conflict issues and then forgot.

I'll also revert in R16 and R17 and close as won't fix, I gave my arguments
that's enough for me.

Modified:
    ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties

Modified: ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties?rev=1824855&r1=1824854&r2=1824855&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties (original)
+++ ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties Tue Feb 20 11:59:07 2018
@@ -132,6 +132,9 @@ default.error.response.view=view:viewBlo
 # -- If false, then no externalLoginKey parameters will be added to cross-webapp urls
 security.login.externalLoginKey.enabled=true
 
+# -- Security key used to encrypt and decrypt the autogenerated password in forgot password functionality.
+login.secret_key_string=Secret Key
+
 ### To have this working, an example of the change needed on the source server is available in OFBIZ-10206-external-server-test-example.patch
 # -- If true, then it's possible to connect to another webapp on another server w/o signing in
 # -- This needs to be changed on both the source server and the target server