RTC sends username and password in clear text. Is this expected behavior?
Hi, We are programmatically retrieving data from RTC and displaying work item information on our internal portal. While debugging using FIDDLER we see that the username and password are being sent across as clear text. We are running 5.0.2 in a distributed environment. |
One answer
Ralph Schoon (63.4k●3●36●46)
| answered Apr 13 '15, 5:18 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER edited Apr 13 '15, 5:19 a.m.
I would assume that it is sent within an encrypted HTTPS message.
If you set up Fiddler as ´"man in the middle" proxy with HTTPS certificates you obviously would be able see the unencrypted content. My 2 cent Comments
Praveen Krishnan
commented Apr 13 '15, 6:42 a.m.
We have disabled the security certificate settings on our WebSphere application server. Do we need to setup self-signed certificates? |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.