jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "angela (JIRA)" <j...@apache.org>
Subject [jira] Reopened: (JCR-1927) More secure default installation
Date Thu, 22 Oct 2009 15:22:59 GMT

     [ https://issues.apache.org/jira/browse/JCR-1927?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

angela reopened JCR-1927:

just realized that we still have plenty of repository.xml(s) using the simple-security config.
only the one i'm using for the tests has the *real* stuff in *arrrgh*.

i'd say we should/could address this for the 2.0 release as it shouldn't cause too many problems,
should it?

> More secure default installation
> --------------------------------
>                 Key: JCR-1927
>                 URL: https://issues.apache.org/jira/browse/JCR-1927
>             Project: Jackrabbit Content Repository
>          Issue Type: Improvement
>          Components: jackrabbit-core
>            Reporter: Jukka Zitting
>             Fix For: 2.0.0
> Currently the default installation of Jackrabbit grants login, read and write access
to any username and password combination. It might be a good idea to require explicit user
accounts and access rights to be configured during installation.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message