Hi all, Currently registry do not have password field support for RXTs and I'm working on implementing this.
This implementation comes with several concerns as below, 1. UI aspect of the password field 2. Security aspect of the password fields The solution for the concern #1 is, 1. Created a new "PasswordFiels" class in "org.wso2.carbon.governance.generic.ui.common.dataobject" Regarding the security concern of the password field, I identified several challenges. - When to encrypt the password field content. - Whether the encryption should be in UI side or backend side? - When to decrypt the password field content. - Whether the decryption should be done in every time it is viewed or decrypt the password field content as necessary upon request of the user? Please give your suggestions on regarding these concerns. Thanks, Regards, Sithumini -- -- Sithumini Senevirathne Software Engineer WSO2 Inc. - lean . enterprise . middleware | wso2.com email: [email protected], mobile: +94 756977999
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
