You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Thomas O'Dowd (JIRA)" <ji...@apache.org> on 2013/07/03 08:48:20 UTC
[jira] [Created] (CLOUDSTACK-3342) Object_Store_Refactor - S3
"Secret Key" must not be visible in the UI after S3 Object store creation.
Thomas O'Dowd created CLOUDSTACK-3342:
-----------------------------------------
Summary: Object_Store_Refactor - S3 "Secret Key" must not be visible in the UI after S3 Object store creation.
Key: CLOUDSTACK-3342
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-3342
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: UI
Affects Versions: 4.2.0
Reporter: Thomas O'Dowd
1. Login to a freshly deployed devcloud server.
2. Click Infrastructure
3. Click secondary Storage
4. Remove NFS
5. Add new S3 Secondary Storage (anything will do for this bug as its a display bug)
6. Re-visit secondary storage and click on the S3 storage you created.
Expectation:
You can NOT see the "secret key".
Actual:
You can see all the details of the S3 object store including the "secret key".
The secret key is like a password. Anyone knowing the secret key can upload/delete etc from the S3 store. It should not be available easily in my opinion. I guess its easily available in the database anyway but lets keep it out of the browser after its been input. It can be displayed using ***.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira