For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

bram_11546's avatar
bram_11546
Icon for Nimbostratus rankNimbostratus
Apr 10, 2012

password security in an iApp

In iApps you can include password fields which is nice.

 

 

These passwords are retained when you reconfigure the app, which is even nicer.

 

 

But how are they protected ?

 

Are they also stored in the 'secure vault' ?

 

 

BR

 

Bram

 

 

automation
devops
iApps
management
TMSH

2 Replies

  • Brent_Blood_768's avatar
    Brent_Blood_768
    Historic F5 Account
    Apr 11, 2012
    Hello Bram,

    Unfortunately, the values provided for "password" fields in iApps are not encrypted (or even obfuscated) as they are stored on disk. The UI hides it when you are viewing the template, but that's as far as it goes. You can see this for yourself via tmsh by running: 

    list sys application service myservice.app/myservice

    Substitute both instances of "myservice" in that command with the name you chose for the iApp service when you completed the form. That command will show you the configuration for the application, including its variables which will contain the plaintext of the password.

    If this is an issue for you, I would encourage you to open a support case and ask for a Request for Enhancement (RFE) stating your expectations and desires.

    Cheers,

    -Brent

  • bram_11546's avatar
    bram_11546
    Icon for Nimbostratus rankNimbostratus
    Apr 11, 2012
    Hi Brent,

     

     

    thank you for your answer.

     

    I see there is also a bigip_script.conf that contains the passwords in plain text.

     

    I am going to launch that RFE.

     

     

    BR

     

    Bram