Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-4000

Proxy credentials showing in clear text

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Critical
    • Resolution: Fixed
    • Component/s: core
    • Labels:
      None
    • Environment:
      Platform: All, OS: All
    • Similar Issues:

      Description

      In the proxy configuration of Update Manager, when proxy is already configured
      with authentication credentials saved, if you analyze the HTML source you'll
      find the password in clear text.

      Solution: Credentials should not go to Hudson's presentation layer!

        Attachments

          Activity

          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Nicolas De Loof
          Path:
          changelog.html
          http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7
          Log:
          [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Nicolas De Loof Path: changelog.html http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7 Log: [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: bap2000
          Path:
          changelog.html
          http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9
          Log:
          [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: bap2000 Path: changelog.html http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9 Log: [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: bap2000
          Path:
          core/src/main/java/hudson/ProxyConfiguration.java
          core/src/main/resources/hudson/PluginManager/advanced.jelly
          http://jenkins-ci.org/commit/jenkins/c4d9fe8e0707330d1d59d6f30a3a2e32b36a88c0
          Log:
          [FIXED JENKINS-4000] , [FIXED JENKINS-4002] encrypt proxy password

          Proxy password is encrypted in xml config file, and in the UI

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: bap2000 Path: core/src/main/java/hudson/ProxyConfiguration.java core/src/main/resources/hudson/PluginManager/advanced.jelly http://jenkins-ci.org/commit/jenkins/c4d9fe8e0707330d1d59d6f30a3a2e32b36a88c0 Log: [FIXED JENKINS-4000] , [FIXED JENKINS-4002] encrypt proxy password Proxy password is encrypted in xml config file, and in the UI
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Nicolas De Loof
          Path:
          changelog.html
          http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7
          Log:
          [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Nicolas De Loof Path: changelog.html http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7 Log: [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: bap2000
          Path:
          changelog.html
          http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9
          Log:
          [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: bap2000 Path: changelog.html http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9 Log: [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog

            People

            Assignee:
            bap bap
            Reporter:
            rcsilva83 rcsilva83
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: