Maciej Lizewski created CONNECTORS-737:
------------------------------------------
Summary: passwords handling in Manifold
Key: CONNECTORS-737
URL: https://issues.apache.org/jira/browse/CONNECTORS-737
Project: ManifoldCF
Issue Type: Bug
Reporter: Maciej Lizewski
Currently you can see stored passwords in HTML body of the page which is quite
big security hole. We could rewrite it so that the field is presented with some
predefined constant string, like "###########" (only to show the field with
some entered text). Then in process*Post handlers we should check if someone
entered anything different here and only in such case overwrite previously
stored password. When posted value is equal to "###########" - we leave
previous password in configuration intact.
this applies to almost all connectors...
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
