[AML-4001] YJ Credentials API stores credentials in Distribution Service - Admax Local

Details

Type: Task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: Apollo
Fix Version/s: Apollo
Component/s: None
Labels:
None

Story Points:
8
Sprint:
Sprint 10, Sprint 11, Sprint 12

Description

Includes accountId, onBehalfOfAccountId, onBehalfOfPassword and credentialsHash

The onBehalfOfPassword must be stored using a configurable public key encryption scheme.

The logging of requests needs to have the passwords redacted.

The private key should NOT be stored in the YJ Credentials API or anywhere on a front1 server. The private key will be used on the core server to decrypt the passwords in order to contact YJ API.

This ensures that a compromised front server cannot leak YJ credentials in a usable format.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

AML-4001-distribution-service-soapui-project.xml
7 kB
10/Feb/16 9:48 AM

Activity

People

Assignee:

Anil Kumar Halmadgi

Reporter:

Jason Stedman (Inactive)

Votes:

0 Vote for this issue

Watchers:

3 Start watching this issue

Dates

Created:

27/Jan/16 10:06 AM

Updated:

02/Mar/16 6:11 PM

Resolved:

08/Feb/16 5:26 PM