Thomas O'Dowd created CLOUDSTACK-3342:
-----------------------------------------
Summary: Object_Store_Refactor - S3 "Secret Key" must not be
visible in the UI after S3 Object store creation.
Key: CLOUDSTACK-3342
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-3342
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: UI
Affects Versions: 4.2.0
Reporter: Thomas O'Dowd
1. Login to a freshly deployed devcloud server.
2. Click Infrastructure
3. Click secondary Storage
4. Remove NFS
5. Add new S3 Secondary Storage (anything will do for this bug as its a display
bug)
6. Re-visit secondary storage and click on the S3 storage you created.
Expectation:
You can NOT see the "secret key".
Actual:
You can see all the details of the S3 object store including the "secret key".
The secret key is like a password. Anyone knowing the secret key can
upload/delete etc from the S3 store. It should not be available easily in my
opinion. I guess its easily available in the database anyway but lets keep it
out of the browser after its been input. It can be displayed using ***.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
