Hi all, moving this topic from the GitHub merge request to Talk. Ticket here
Registration Core:
omod/src/main/resources/config.xml
<property>${project.parent.artifactId}.mpi.username</property>
<defaultValue></defaultValue>
<property>${project.parent.artifactId}.mpi.password</property>
<defaultValue>admin</defaultValue>
@dkayiwa We generally do not recommend storing passwords in global properties. Did you evaluate running it instead as a daemon user account?
@shaoyuancc I did not, I think what I’ll do is leave it as this for now but then create a ticket and do a separate pull request after this is merged. Does that sound good? I’m not sure what running it as a daemon user account involves so some guidance would be helpful!
@wluyima @dkayiwa this is not a password for an OpenMRS account, it’s a password to the MPI so daemon user doesn’t apply. But I still agree that we should always avoid storing passwords as GP since they get displayed as text in the UI, I don’t know what the solution is but for now I’d ignore this. I personally think we should possibly consider using environment variables but this is a design forum topic.