roller-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <>
Subject [jira] [Work logged] (ROL-2137) Require setting rememberme.key
Date Sat, 11 May 2019 21:16:00 GMT


ASF GitHub Bot logged work on ROL-2137:

                Author: ASF GitHub Bot
            Created on: 11/May/19 21:15
            Start Date: 11/May/19 21:15
    Worklog Time Spent: 10m 
      Work Description: snoopdave commented on pull request #27: [ROL-2137] Require setting
   if you're going to enable remember me then you must set a unqiue key; and not the well
known "springRocks" that was the previous default.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:

Issue Time Tracking

            Worklog Id:     (was: 240676)
            Time Spent: 10m
    Remaining Estimate: 0h

> Require setting rememberme.key 
> -------------------------------
>                 Key: ROL-2137
>                 URL:
>             Project: Apache Roller
>          Issue Type: Improvement
>            Reporter: David Johnson
>            Assignee: David Johnson
>            Priority: Major
>             Fix For: 5.2.3
>          Time Spent: 10m
>  Remaining Estimate: 0h
> If you are going to enable rememberMe in Roller then you really MUST set a unique (and
secret) key for Spring Security's remember me feature.
> Change Roller so that remember-me will not work unless a ''rememberme.key' property set
and it is set to something other than the old default value 'springRocks'

This message was sent by Atlassian JIRA

View raw message