Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-23033

TFS Password visible in view source

    XMLWordPrintable

Details

    Description

      The password that is entered in the job configuration when connecting to TFS is visible in the browsers "view source". This is a big issue for us because we need to use our domain users to connect to TFS and Jenkins is open to everyone in the company.
      The value in the password field when you enter configuration and the password was already set should be a placeholder that indicates the server that the password didn't change from the last time (something like "samepassword", but more complex, to avoid actual users from using that password).

      Attachments

        Activity

          mompox Roberto Powell created issue -
          scm_issue_link SCM/JIRA link daemon made changes -
          Field Original Value New Value
          Resolution Fixed [ 1 ]
          Status Open [ 1 ] Resolved [ 5 ]
          oli_at_jsi Olivier Dagenais made changes -
          Assignee redsolo [ redsolo ] Olivier Dagenais [ oli_at_jsi ]
          Labels password security
          oli_at_jsi Olivier Dagenais made changes -
          Status Resolved [ 5 ] Closed [ 6 ]
          rtyler R. Tyler Croy made changes -
          Workflow JNJira [ 155354 ] JNJira + In-Review [ 207710 ]

          People

            oli_at_jsi Olivier Dagenais
            mompox Roberto Powell
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: