[TOMEE-450] TomEE configuration should be secure by default & use a profile manager for development configuration - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.5.0
Fix Version/s: 1.5.1
Component/s: None
Labels:
None

Description

TomEE 1.5.0 default configuration is unsecure by default, at least with regard to those items:

it comes with predefined users tomee-admin and tomee
it includes tomee administration UI
(there are probably more)

A noticeable improvement for TomEE would be to deliver it "secure by default" and provide a profile management tool (command line is fine) to change its setup in a "developper mode" with admin users & admin UI enabled.

IBM WebSphere has a tool called profile management tool which allows this kind of setup in a few clicks (with couple of options).

Attachments

Activity

People

Assignee:: Romain Manni-Bucau

Reporter:: Alex the Rocker

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 06/Oct/12 19:18

Updated:: 28/Jan/13 12:38

Resolved:: 28/Jan/13 12:38