[jbosstools-issues] [JBoss JIRA] (JBIDE-17973) Application wizard, embed wizard: Obscure database password

Andre Dietisheim (JIRA) issues at jboss.org
Fri Jan 9 09:32:31 EST 2015 

    [ https://issues.jboss.org/browse/JBIDE-17973?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13031320#comment-13031320 ] 

Andre Dietisheim commented on JBIDE-17973:
------------------------------------------

setting fixVersion to LATER since the main focus now is to create tooling for OpenShift v3.

> Application wizard, embed wizard: Obscure database password
> -----------------------------------------------------------
>
>                 Key: JBIDE-17973
>                 URL: https://issues.jboss.org/browse/JBIDE-17973
>             Project: Tools (JBoss Tools)
>          Issue Type: Feature Request
>          Components: openshift
>    Affects Versions: 4.2.0.Beta2
>            Reporter: Catherine Robson
>            Assignee: Max Rydahl Andersen
>            Priority: Minor
>              Labels: application_wizard, embed_wizard, uxtest
>             Fix For: LATER
>
>
> When creating an OpenShift application with a database cartridge, the database password is shown in clear text.  This password should be obscured.  
> It was noted that OpenShift does show clear text passwords in some locations, the difference here is that the user did not prompt for this information meaning we are displaying a password in clear text at a potential point where the user is not aware they need to be in a 'secure' environment.
> Reproduce steps:
> 1. Open new OpenShift Application wizard
> 2. Sign in & proceed to next screen
> 3. Choose application cartridge (JBoss EAP 6 for instance) & proceed to next screen
> 4. Add embedded cartridge for database (mySQL 5.5 for instance) & proceed to next screen
> 5. Click next on set up project screen
> 6. Click finish on next screen
> 7 -> ISSUE HERE.  Once app is created, pop-up is shown with mySQL database password shown in clear text.  Screenshot: https://www.evernote.com/shard/s230/sh/cd8123fb-a400-4699-ad08-bcbc06f7b5d5/5513a009f80cfb4099ba4dd0c5640212
> Expected:  Password on this pop-up should be obscured.



--
This message was sent by Atlassian JIRA
(v6.3.11#6341)

More information about the jbosstools-issues mailing list