<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div style="font-family: Calibri, sans-serif; font-size: 14px; color: rgb(0, 0, 0);">
I'm setting up a new gateway in apiman. I put in the wrong password for the configuration endpoint credentials, and this is what I got on the "New Gateway" screen:</div>
<div style="font-family: Calibri, sans-serif; font-size: 14px; color: rgb(0, 0, 0);">
<br>
</div>
<div style="color: rgb(0, 0, 0);"><strong apiman-i18n-key="gateway-config-invalid.title">Gateway Configuration Invalid</strong>
<div apiman-i18n-key="gateway-config-invalid.msg">Something has gone wrong when testing the Gateway. Hopefully the details (below) will help you figure out what.</div>
</div>
<div>
<blockquote style="font-family: Calibri, sans-serif; font-size: 14px; margin: 0px 0px 0px 40px; border: none; padding: 0px;">
<div apiman-i18n-key="gateway-config-invalid.msg" style="color: rgb(0, 0, 0);"></div>
</blockquote>
<div style="margin-top: 8px;">
<pre class="ng-binding" style="font-family: Calibri, sans-serif; font-size: 14px;">{"data":"<html><head><title>Error</title></head><body>Unauthorized</body></html>","status":401,"config":{"method":"PUT","transformRequest":[null],"transformResponse":[null],"data":{"name":"The Gateway","description":"Gateway to back-end services","configuration":"{\"endpoint\":\"https://[GATEWAY_URI]/apiman-gateway-api/\",\"username\":\"apimanager\",\<b><font color="#ff2600">"password\":\"api-manager$65454\"</font></b>}","type":"REST"},"url":"https://[APIMAN_URI]/apiman/gateways","headers":{"Accept":"application/json, text/plain, */*","Content-Type":"application/json;charset=utf-8","Authorization":"Bearer [TOKEN]"}},"statusText":"Unauthorized"}</pre>
<pre class="ng-binding"><font face="Calibri">Granted that only a mistaken password is shown, this still doesn't seem secure, and also makes me wonder if the credential may be exposed in other similar places. Should I raise an issue on this?</font></pre>
<pre class="ng-binding" style="font-family: Calibri, sans-serif; font-size: 14px;"><br></pre>
</div>
</div>
</body>
</html>