From 22a5ad3acef0bfb8353dac64d4cbe0d52f6d2a07 Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期五, 01 九月 2023 10:16:41 +0800
Subject: [PATCH] [UPDATE] 解決弱點Use of hard-coded cryptographic key , 把key移到設定檔

---
 pamapi/src/main/resources/config/application-prod.yml |   17 +++++++++--------
 1 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/pamapi/src/main/resources/config/application-prod.yml b/pamapi/src/main/resources/config/application-prod.yml
index 205c1e5..73f9399 100644
--- a/pamapi/src/main/resources/config/application-prod.yml
+++ b/pamapi/src/main/resources/config/application-prod.yml
@@ -15,9 +15,9 @@
 
 logging:
   level:
-    ROOT: INFO
-    tech.jhipster: INFO
-    com.pollex.pam: INFO
+    ROOT: DEBUG
+    tech.jhipster: DEBUG
+    com.pollex.pam: DEBUG
 
 management:
   metrics:
@@ -132,24 +132,25 @@
 # PROD�憓�Ⅱ隤�
 application:
   mock-login: false
-  otp-web-service-url: https://vtwlifeopensysuat.pru.intranet.asia/pcalife-otp/ws/otpWebService?wsdl
+  otp-web-service-url: https://vtwlifeopensystem.pru.intranet.asia/pcalife-otp/ws/otpWebService?wsdl
   otp-web-service-password: es20!%Pass
   otp-web-service-system-type: omo
-  e-service-login-url: https://eserviceuat.pcalife.com.tw/sso/chatbotValidate
+  e-service-login-url: https://www.eservice.pcalife.com.tw/sso/chatbotValidate
   e-service-login-func: ValidateUsrLogin
   e-service-login-sys: epos
-  front-end-domain: 'https://onlineuat.pcalife.com.tw/pam/#'
+  front-end-domain: 'https://online.pcalife.com.tw/pam/#'
   sms:
     send-notify-msg: true
-    url: https://vtwlifeopensysuat.pru.intranet.asia/MesgQueueMgmnt/rest/smsSendMsgResource
+    url:  https://vtwlifeopensystem.pru.intranet.asia/MesgQueueMgmnt/rest/smsSendMsgResource
     source-code: ePos
     sender: POS
     sms-type: '0017'
     subject: '慦�像��'
   email:
     send-notify-msg: true
-    url: https://vtwlifeopensysuat.pru.intranet.asia/tsgw/mq/mqSendMail
+    url: https://vtwlifeopensystem.pru.intranet.asia/tsgw/mq/mqSendMail
     function-id: epos
     sender-email: noreply@pcalife.com.tw
     method: 'PAM_EMAIL_SERVICE'
   file-folder-path: /sfs_omo/AgentPhoto/
+  aes-key: PAMKEY1234567890

--
Gitblit v1.8.0