Feature #7516
Create encryption hash if none was defined
Status: | Resolved | Start date: | 2010-06-23 | |
---|---|---|---|---|
Priority: | Should have | Due date: | ||
Assigned To: | Karsten Dambekalns | % Done: | 100% |
|
Category: | Security | |||
Target version: | TYPO3 Flow Base Distribution - 1.0 alpha 10 | Estimated time: | 2.00 hours | |
PHP Version: | Complexity: | |||
Has patch: |
Description
Currently you'll get an exception if you didn't define an encryption hash:
#1258991855: You must configure an encryption key for the HashService
Most people won't see this message though because there's a default encryption key defined in the Base distibution. A bad idea, because many people will just leave it like it is.
Therefore we should:
- not provide a default encryption key
- let the HashService generate a random key if none exists and save it into the global Settings.yaml file
Related issues
Associated revisions
[~TASK] FLOW3 (Core): The Bootstrap will now accept only "Production" or "Development" as valid contexts because this is how we currently use FLOW3. As soon as we really now how we want to support additional contexts, we can make it more flexible again. As a side effect, FLOW3 won't complain about missing context directories in the global Configuration dir.
[~TASK] FLOW3 (Security): Set a default encryption key for the time being until automatic generation is implemented. Relates to #7516
History
#1 Updated by Robert Lemke about 5 years ago
- Target version deleted (
1.0 alpha 9)
#2 Updated by Karsten Dambekalns about 5 years ago
- Status changed from New to Accepted
- Assigned To set to Karsten Dambekalns
- Target version set to 1.0 alpha 10
- Start date changed from 2010-04-28 to 2010-06-23
- Estimated time set to 2.00
#3 Updated by Karsten Dambekalns about 5 years ago
- Status changed from Accepted to Resolved
- % Done changed from 0 to 100
Applied in changeset r4616.