From 74e563da7fa6886449fd2be5933e2d4ca5c85f48 Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期二, 12 九月 2023 11:25:52 +0800
Subject: [PATCH] [UPDATE] 解決弱點Se: Incorrect definition of Serializable class [UPDATE] 解決弱點Information exposure to log file [UPDATE] 解決弱點Use of hard-coded password
---
 pamapi/src/main/resources/config/application-dev.yml | 64 +++++++++++++++++++++++-------
 1 files changed, 47 insertions(+), 17 deletions(-)
diff --git a/pamapi/src/main/resources/config/application-dev.yml b/pamapi/src/main/resources/config/application-dev.yml
index e93ffa8..bc4db38 100644
--- a/pamapi/src/main/resources/config/application-dev.yml
+++ b/pamapi/src/main/resources/config/application-dev.yml
@@ -32,9 +32,10 @@
 indent-output: true
 datasource:
 type: com.zaxxer.hikari.HikariDataSource
- url: jdbc:postgresql://localhost:5432/pamapi
- username: pamapi
- password:
+ url: jdbc:postgresql://dev.pollex.com.tw:5433/pam_p2
+ #url: jdbc:postgresql://localhost:5432/omo?currentSchema=public
+ username: pamadmin
+ password: pamadmin
 hikari:
 poolName: Hikari
 auto-commit: false
@@ -44,10 +45,16 @@
 # Remove 'faker' if you do not want the sample data to be loaded automatically
 contexts: dev, faker
 mail:
- host: localhost
- port: 25
- username:
- password:
+ host: smtp.gmail.com
+ port: 587
+ username: pollex.testing@gmail.com
+ password: ilismmmhtscppxft
+ properties:
+ mail:
+ smtp:
+ auth: true
+ starttls:
+ enable: true
 messages:
 cache-duration: PT1S # 1 second, see the ISO 8601 standard
 thymeleaf:
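Review bot: The added `password: pamadmin` under `datasource` commits a working database credential for `dev.pollex.com.tw:5433`, which is the reverse of the "Use of hard-coded password" fix named in the subject. The same applies to the Gmail `password` in the `mail` hunk and to `otp-web-service-password` and `aes-key` in the `application` hunk. This file already relies on `${...}` placeholder resolution (`${jhipster.clientApp.name}`), so each literal can become a reference such as `password: ${PAM_DB_PASSWORD}` (placeholder variable name), with the value supplied from the environment or a secret store. Because the values are now in repository history, they need to be rotated, not just removed in a later commit.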
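Review bot: Under `mail.properties.mail.smtp`, `starttls: enable: true` only makes the client attempt STARTTLS when the server advertises it; with `auth: true`, a connection where the capability is missing would still proceed to authenticate without TLS. Add `required: true` next to `enable: true` so the connection fails instead of falling back to cleartext on port 587.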
@@ -76,15 +83,14 @@
 ehcache: # Ehcache configuration
 time-to-live-seconds: 3600 # By default objects stay 1 hour in the cache
 max-entries: 100 # Number of objects in each cache entry
- # CORS is only enabled by default with the "dev" profile
- cors:
- # Allow Ionic for JHipster by default (* no longer allowed in Spring Boot 2.4+)
- allowed-origins: 'http://localhost:8100,https://localhost:8100,http://localhost:9000,https://localhost:9000'
- allowed-methods: '*'
- allowed-headers: '*'
- exposed-headers: 'Authorization,Link,X-Total-Count,X-${jhipster.clientApp.name}-alert,X-${jhipster.clientApp.name}-error,X-${jhipster.clientApp.name}-params'
- allow-credentials: true
- max-age: 1800
+# cors:
+# # Allow Ionic for JHipster by default (* no longer allowed in Spring Boot 2.4+)
+# allowed-origins: 'http://localhost:8100,https://localhost:8100,http://localhost:9000,https://localhost:9000'
+# allowed-methods: '*'
+# allowed-headers: '*'
+# exposed-headers: 'Authorization,Link,X-Total-Count,X-${jhipster.clientApp.name}-alert,X-${jhipster.clientApp.name}-error,X-${jhipster.clientApp.name}-params'
+# allow-credentials: true
+# max-age: 1800
 security:
 authentication:
 jwt:
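Review bot: The `cors` block is commented out rather than deleted, and the line explaining that CORS is only enabled for the dev profile is dropped, so the file no longer says where cross-origin policy comes from. The `application` hunk of this patch sets `front-end-domain: 'http://localhost:3000/#'`, which suggests a cross-origin front end still exists. If the policy has moved into Java configuration, check there that a wildcard or reflected origin is not combined with credentials, since the explicit origin list that prevented that pairing is what was disabled here. If CORS is no longer needed, delete the block and leave a one-line comment giving the reason, for example `# CORS not configured: front end is served from the same origin`.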
@@ -111,4 +117,28 @@
 # https://www.jhipster.tech/common-application-properties/
 # ===================================================================
-# application:
+application:
+ mock-login: true
+ otp-web-service-url: https://vtwlifeopensyssit.pru.intranet.asia:443/pcalife-otp/ws/otpWebService?wsdl
+ otp-web-service-password: es20!%Pass
+ otp-web-service-system-type: epos
+ e-service-login-url: https://eserviceuat.pcalife.com.tw/sso/chatbotValidate
+ e-service-login-func: ValidateUsrLogin
+ e-service-login-sys: epos
+ front-end-domain: 'http://localhost:3000/#'
+ sms:
+ send-notify-msg: false
+ url: https://localhost:8081/testSMS
+ source-code: ePos
+ sender: POS
+ sms-type: '0017'
+ subject: '慦�像��'
+ email:
+ send-notify-msg: false
+ url: https://localhost:8081/testEmail
+ function-id: epos
+ sender-email: noreply@pcalife.com.tw
+ method: 'POLLEX_GMAIL'
+ file-folder-path: C://pam_file
+ aes-key: PAMKEY1234567890
+ default-paxxword:
-- Gitblit v1.8.0
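Review bot: `mock-login: true` is added with no comment saying what it replaces, and nothing visible in this hunk stops the flag from being set in another profile. If it stands in for the OTP / e-service login, as the name suggests, the code reading it should refuse to start when the active profile is not `dev`, and the key deserves a comment saying it must stay `false` elsewhere. `aes-key: PAMKEY1234567890` is a guessable 16-character printable string, so moving it out of the file is not enough; it should be replaced with a randomly generated key. The key name `default-paxxword` looks like a spelling chosen to avoid a scanner's keyword match; if that is the intent, the finding is hidden rather than fixed.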