Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-17762

Security hardening for access: Support reading secrets from a temporary file

    Details

    • Type: Task
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: 6.5.2
    • Fix Version/s: 6.6.0
    • Component/s: None
    • Labels:
      None

      Description

      To harden Access environment, need to support reading secrets from a temporary file, which is removed once application has read them.

      Flow

      • User creates a temporary file: ACCESS_HOME/.secrets/.temp.db.properties
      • On startup, if file exists, read all secrets from it and delete it
        This overrides all other options (env vars, system properties and default db.properties)
        If deletion fails, application fails startup with a proper error
      • Application does NOT write the secret values to the default db.properties

        Attachments

          Activity

            People

            • Assignee:
              yoazm Yoaz Menda (Inactive)
              Reporter:
              yoazm Yoaz Menda (Inactive)
              Assigned QA:
              Lior Gur (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: