From 127592d0c6118db739e230f91c6a87a085b6240b Mon Sep 17 00:00:00 2001
From: Dmitry Toptygin
Date: Fri, 19 Jun 2020 17:21:53 -0400
Subject: [PATCH] addressed vulnerability reported by sonar: encrypt passwords in application.properties files with bcrypt
---
 .../src/main/resources/application.properties | 4 +++-
 .../src/main/resources/application.properties | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/opensync-gateway-cloud-process/src/main/resources/application.properties b/opensync-gateway-cloud-process/src/main/resources/application.properties
index a3b8c60..1aac7a4 100644
--- a/opensync-gateway-cloud-process/src/main/resources/application.properties
+++ b/opensync-gateway-cloud-process/src/main/resources/application.properties
@@ -81,7 +81,9 @@ spring.profiles.include=use_ssl_with_client_cert_and_basic_auth,client_certifica
 tip.wlan.httpClientConfig=classpath:httpClientConfig.json
 #this user/password is used together with http_digest_auth and http_basic_auth spring profiles
 tip.wlan.serviceUser=user
-tip.wlan.servicePassword=password
+# The value in here is bcrypt-encoded string "password", generated with the following command
+# htpasswd -nBC 10 "" | cut -d ':' -f2
+tip.wlan.servicePassword=$2y$10$rXnaSR5q2PsFWs8WEfJAguKAPh0oHLFkAJFqd7Pf7PVa3cOIClGoS
 spring.main.show-banner=false
 server.port=9096
diff --git a/opensync-gateway-static-process/src/main/resources/application.properties b/opensync-gateway-static-process/src/main/resources/application.properties
index 94daa0e..b9920b7 100644
--- a/opensync-gateway-static-process/src/main/resources/application.properties
+++ b/opensync-gateway-static-process/src/main/resources/application.properties
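Review bot: The value added for `tip.wlan.servicePassword` is still the shipped default credential: the new comment states that the hash encodes the string "password", so bcrypt changes how the secret is stored but not that it is publicly known, and the identical hunk in opensync-gateway-static-process has the same issue. The context line above the property says the pair is also used with the http_digest_auth profile; digest authentication needs the cleartext password or its MD5 HA1 value on the verifying side, so a bcrypt string presumably cannot be checked under that profile, which should be confirmed against the code that reads this property (not visible in the patch). I would mark the value as a development default, for example `# Development default only: override tip.wlan.servicePassword per deployment from external configuration`, and make sure deployments actually supply their own hash.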
@@ -81,7 +81,9 @@ tip.wlan.httpClientConfig=classpath:httpClientConfig.json
 #this user/password is used together with http_digest_auth and http_basic_auth spring profiles
 tip.wlan.serviceUser=user
-tip.wlan.servicePassword=password
+# The value in here is bcrypt-encoded string "password", generated with the following command
+# htpasswd -nBC 10 "" | cut -d ':' -f2
+tip.wlan.servicePassword=$2y$10$rXnaSR5q2PsFWs8WEfJAguKAPh0oHLFkAJFqd7Pf7PVa3cOIClGoS
 spring.main.show-banner=false
 server.port=9096
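Review bot: The generation command in the added comment yields a `$2y$`-prefixed hash, and whether that prefix verifies depends on the bcrypt implementation that consumes the property, which the patch does not show. Spring Security's BCryptPasswordEncoder, if that is what is used, accepts `$2y$` only from 5.2 onward and rejects it in older releases, so the comment should name the verifier and the required version, e.g. `# verified with BCryptPasswordEncoder (Spring Security 5.2+ for the $2y$ prefix)`. The same applies to the first hunk in opensync-gateway-cloud-process.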