堆栈内存溢出
  简体   繁体   English

WSO2企业商店1.0.0:安全性

[英]WSO2 Enterprise Store 1.0.0: security

 原文  2014-01-28 13:34:48       security/ wso2/ wso2es

问题描述

In WSO2 Enterprise Store 1.0.0 there is a lack of security on some aspects. WSO2 Enterprise Store 1.0.0中,某些方面缺乏安全性。

For example: several public files contain sensitive data as the location and clear password of keystores: 例如:几个公共文件包含敏感数据作为密钥库的位置和清除密码:

  • /store/config/publisher.json /store/config/publisher.json
  • /publisher/config/publisher.json /publisher/config/publisher.json

I'm still trying to figure why these data are needed on client side... 我仍在尝试弄清楚为什么客户端需要这些数据...

Is there any configuration setting to solve this issue? 是否有任何配置设置可以解决此问题?

1 个解决方案

解决方案1
 1  2014-01-29 13:25:17

You can solve this issue by adding following URL mapping to the jaggery.conf inside both publisher and store apps. 您可以通过在发布者和商店应用程序内的jaggery.conf中添加以下URL映射来解决此问题。 

{
 "url": "/config/*",
 "path": "/"
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 WSO2 Enterprise Store 1.0.0:访问控制 - WSO2 Enterprise Store 1.0.0: access control WSO2安全用户名令牌ESB和DSS - WSO2 SECURITY USERNAMETOKEN ESB AND DSS WSO2 API管理器安全层 - WSO2 API manager security layer WSO2碳 - 以编程方式应用安全性 - WSO2 Carbon - Programmatically Apply Security 基于WSO2 ESB方法的安全性 - WSO2 ESB method based security WSO2 ESB 在绑定层次结构中应用安全策略 - WSO2 ESB applying security policies at binding hierarchy WSO2 ESB 4.9.0无法在启用安全保管库的情况下启动 - WSO2 ESB 4.9.0 fails to start with security vault enabled WSO2 WS安全密码只能不带证书吗? - WSO2 WS Security Password only without certificate possible? 我如何知道哪些是 WSO2 关键安全更新? - How do I know which are the WSO2 critical security updates? 使用WSO2 IS保护WSO2 AS - Secure WSO2 AS with WSO2 IS
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM