It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Follow this question
Question details

×42,632
×6,034

question asked: Apr 13 '15, 5:04 a.m.
question was seen: 2,579 times
last updated: Apr 13 '15, 6:42 a.m.

Related questions

FAQ - How this Forum works

RTC sends username and password in clear text. Is this expected behavior?

0
Praveen Krishnan (1122) | asked Apr 13 '15, 5:04 a.m.

Hi,

We are programmatically retrieving data from RTC and displaying work item information on our internal portal. While debugging using FIDDLER we see that the username and password are being sent across as clear text.

We are running 5.0.2 in a distributed environment.

One answer

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
Ralph Schoon (62.3k33643) | answered Apr 13 '15, 5:18 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
edited Apr 13 '15, 5:19 a.m.
I would assume that it is sent within an encrypted HTTPS message.

If you set up Fiddler as ´"man in the middle" proxy with HTTPS certificates you obviously would be able see the unencrypted content.

My 2 cent
Comments
Praveen Krishnan commented Apr 13 '15, 6:42 a.m.

We  have disabled the security certificate settings on our WebSphere application server.

Do we need to setup self-signed certificates?

Your answer

Register or to post your answer.