Hi all, moving this topic from the GitHub merge request to Talk. Ticket here
We generally do not recommend storing passwords in global properties. Did you evaluate running it instead as a daemon user account?
I did not, I think what I’ll do is leave it as this for now but then create a ticket and do a separate pull request after this is merged. Does that sound good? I’m not sure what running it as a daemon user account involves so some guidance would be helpful!
@dkayiwa this is not a password for an OpenMRS account, it’s a password to the MPI so daemon user doesn’t apply. But I still agree that we should always avoid storing passwords as GP since they get displayed as text in the UI, I don’t know what the solution is but for now I’d ignore this. I personally think we should possibly consider using environment variables but this is a design forum topic.
fyi @mogoodrich @mseaton @craigappl @pgesek @jiahaochua