[JIRA] [mask-passwords-plugin] (JENKINS-25735) Mask Passwords doen't mask Credentials Parameter

Fri, 21 Nov 2014 08:36:49 -0800

Issue Type: Bug Bug
Assignee: Daniel Petisme
Components: mask-passwords-plugin
Created: 21/Nov/14 4:34 PM
Description:

After installing Mask Passwords Plugin 2.7.2, it allows the system configuration to set the passwords to be masked. One of which is Credentials Parameter.

However, in a project, if mask passwords is selected and an existing credential is used in the build step, the information is still displayed plaintext within the console output.

Steps To Reproduce:

  1. Configure System
    • Mask Passwords - Parameters to automatically mask
      [x] Non-Stored Password Parameter
      [x] Credentials Parameter
      [x] Password Parameter
    • Mask Passwords - Global name/password pairs
      None added.
      I already have several "Username with password" Global credentials
  2. Create freestyle project
    • [x] Mask passwords (and enable global passwords)
      Responce: Password Parameters, or any other type of build parameters selected for masking in Hudson's/Jenkins' main configuration screen (Manage Hudson > Configure System), will be automatically masked.
    • [x] Use secret text(s) or file(s)
      Add: Username and password
      Variable: oracleCredential
      Credentials
      (*) Specific credentials
      my_oracle_username/***** (Oracle remote login)
      parameter _expression_: ${oracleCredential}
    • Add build step: Execute Windows batch command
      Command: @echo %oracleCredential%
    • [Save]
  3. Build Now, and examine Console Output
    Expected: ********** is displayed in place of %oracleCredential%
    Actual: Actual username:password value of %oracleCredential% is displayed.
Environment: Jenkins 1.580.1 running as a Windows service
Windows Server 2008 R2 SP1 64-bit
Firefox 33.1.1
Plugins: (abbreviated list)
   * Credentials Binding Plugin 1.2
   * Credentials Plugin 1.18
   * Plain Credentials Plugin 1.0
   * SSH Credentials Plugin 1.10
   * Mask Passwords Plugin 2.7.2
Project: Jenkins
Labels: plugin, jenkins, security, credentials, mask-passwords
Priority: Minor Minor
Reporter: Marshall GSEIT
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira

--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to