RFE Review : JDK-5016517 - Replace plaintext passwords by hashed passwords for out-of-the-box JMX Agent
mandy chung
mandy.chung at oracle.com
Thu Oct 12 15:10:26 UTC 2017
On 10/12/17 1:16 AM, Harsha Wardhana B wrote:
>
>> I'm thinking any better alternative to the new property name??
>> com.sun.management.jmxremote.password.hashes
>> com.sun.management.jmxremote.password.asHashes com.sun.management.jmxremote.passowrd.toHashes
I suggest to rename com.sun.management.jmxremote.password.hashpasswords
to com.sun.management.jmxremote.password.hashes.
What do you think?
>> 67 # If multiple entries are found for the same role name, then the
>> last one 68 # is used.
>> If there are multiple entries of the same role, will all entries be
>> overridden with hash value? It may be better to detect as an error
>> when there are more than one entries of the same role?
> It would be better to log a warning. Throwing an error would seem a
> bit extreme.
What happen to the duplicated entries? The clear password will stay?
Warning is fine.
Mandy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/serviceability-dev/attachments/20171012/455e1320/attachment.html>
More information about the serviceability-dev
mailing list