Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

RTC sends username and password in clear text. Is this expected behavior?

Questions
Tags
Users
Badges
Praveen Krishnan
(1122) Apr 13 '15, 5:04 a.m.

Hi,

We are programmatically retrieving data from RTC and displaying work item information on our internal portal. While debugging using FIDDLER we see that the username and password are being sent across as clear text.

We are running 5.0.2 in a distributed environment.

0 votes

1 answer
3,249 views
0 votes

One answer

Permanent link
Ralph Schoon
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER (63.9k33648) edited
Apr 13 '15, 5:19 a.m.
I would assume that it is sent within an encrypted HTTPS message.

If you set up Fiddler as ´"man in the middle" proxy with HTTPS certificates you obviously would be able see the unencrypted content.

My 2 cent

0 votes

Comments
Praveen Krishnan
Apr 13 '15, 6:42 a.m.

We  have disabled the security certificate settings on our WebSphere application server.

Do we need to setup self-signed certificates?

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 6,125

Question asked: Apr 13 '15, 5:04 a.m.

Question was seen: 3,249 times

Last updated: Apr 13 '15, 6:42 a.m.

Confirmation Cancel Confirm