简体繁体中英

WSO2 Enterprise Store 1.0.0: security

原文 2014-01-28 13:34:48 3 1 security/ wso2/ wso2es

In WSO2 Enterprise Store 1.0.0 there is a lack of security on some aspects.

For example: several public files contain sensitive data as the location and clear password of keystores:

/store/config/publisher.json
/publisher/config/publisher.json

I'm still trying to figure why these data are needed on client side...

Is there any configuration setting to solve this issue?

1 answers

You can solve this issue by adding following URL mapping to the jaggery.conf inside both publisher and store apps.

{
 "url": "/config/*",
 "path": "/"
}

WSO2 Enterprise Store 1.0.0: access control

WSO2 SECURITY USERNAMETOKEN ESB AND DSS

WSO2 API manager security layer

WSO2 Carbon - Programmatically Apply Security

WSO2 ESB method based security

WSO2 ESB applying security policies at binding hierarchy

WSO2 ESB 4.9.0 fails to start with security vault enabled

WSO2 WS Security Password only without certificate possible?

How do I know which are the WSO2 critical security updates?

Secure WSO2 AS with WSO2 IS

暂无

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question WSO2 Enterprise Store 1.0.0: access control WSO2 SECURITY USERNAMETOKEN ESB AND DSS WSO2 API manager security layer WSO2 Carbon - Programmatically Apply Security WSO2 ESB method based security WSO2 ESB applying security policies at binding hierarchy WSO2 ESB 4.9.0 fails to start with security vault enabled WSO2 WS Security Password only without certificate possible? How do I know which are the WSO2 critical security updates? Secure WSO2 AS with WSO2 IS

Related Tags

粤ICP备18138465号 © 2020-2024 STACKOOM.COM