[jira] [Commented] (NIFI-3439) Making password property in HiveConnectionPool a hidden show.

Tue, 28 Feb 2017 13:51:07 -0800 

    [ 
https://issues.apache.org/jira/browse/NIFI-3439?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15888920#comment-15888920
 ] 

ASF GitHub Bot commented on NIFI-3439:
--------------------------------------

Github user mcgilman commented on the issue:

    https://github.com/apache/nifi/pull/1546
  
    Hey @scottyaslan,
    
    This is a great start, but I think there are a few fundamental issues with 
how `PropertyDescriptors` relay what sort of editor should be used. There does 
not appear to be a cross-browser support for masking `textareas` (multi-line 
input). There exists sensitive properties that currently expect the field to 
support multi-line input. The `input[type=password]` only supports a single 
line.
    
    I think we would need to introduce a new attribute of `PropetyDescriptor` 
which would drive whether or not to use a masked single line input or the 
existing multi-line `textarea`. The existing multi-line `textareas` support 
sensitive by not returning/showing the value once set. We would not be able to 
support a `PropertyDescriptor` that requires masking and multi-line input.
    
    Additional complications exist for sensitive properties that support 
expression language. We'd have to spend some time to determine if `CodeMirror` 
supports masking or if it's possible to introduce that sort of capability. If 
not, we would not be able to support a `PropertyDescriptor` that requires 
masking and supports expression language.


> Making password property in HiveConnectionPool a hidden show.
> -------------------------------------------------------------
>
>                 Key: NIFI-3439
>                 URL: https://issues.apache.org/jira/browse/NIFI-3439
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core UI
>    Affects Versions: 1.1.1
>         Environment: Google Chrome browser
>            Reporter: Ramakrishnan V
>            Assignee: Scott Aslan
>            Priority: Minor
>              Labels: ControllerService, Hive, security
>   Original Estimate: 168h
>  Remaining Estimate: 168h
>
> When user types the password in the password attribute in hive connection 
> pool controller service, the characters are visible. Once completed the 
> password is encrypted and no longer visible.
> shouldn't be me made as normal hidden show password box ?
> The user always has the option to delete the controller service and 
> re-configure if he has entered a wrong password.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to