When editing the option mail.server.password, the label shows the password in plain text. It should be better use asterisks in visualization and editing the password.
I just looked into it. The problem is that code to edit fields is generic, meaning there is no option to to change anything. The text to display as well as the value to change is set by ConfigFormPage.java (package: info.jtrac.wicket). This fills the values for ConfigFormPage.html (also package: info.jtrac.wicket).
As I don't know wicket, I can't tell if there is some 'if..else' that can be used inside the HTML code. With that I could add change the input field to <tt>type="password"</tt> when the key contains the substring "password" or as in this case the concrete key "mail.server.password".
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Ok, I almost thought the code below would fix it but wicket complains and throws the error at the end of this message...
-----------
/*
* We have to check if the 'param' field refers to a normal
* text that can to be edited or a password field.
* If it's password field we have to use the PasswordTextField,
* otherwise the text would be visible.
*/
if (this.param.toLowerCase().indexOf("password") != -1) {
// It seems to be a password field
add(new PasswordTextField("value"));
} else {
// It's a normal text field
add(new TextField("value"));
}
---------
Error thrown when run with the code above:
org.apache.wicket.markup.MarkupException: Component value must be applied to a t
ag with 'type' attribute matching 'password', not 'null'.
So simply replacing TextField with PasswordTextField doesn't work. As I'm off on vacation in a few hours I can't look into it in more detail. Maybe someone else could take a look.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Ok, fixed it but in the list with all the settings the password will be still visible!
Added two new files (ConfigPasswordFormPage.java and ConfigPasswordFormPage.html) and modded one (ConfigListPage.java).
I just checked in the modifications.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Fixed showing the current password in the editing dialog. Still the value is shown in the list of all configuration parameters. If someone doesn't like that feel free to open another ticket.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I just looked into it. The problem is that code to edit fields is generic, meaning there is no option to to change anything. The text to display as well as the value to change is set by ConfigFormPage.java (package: info.jtrac.wicket). This fills the values for ConfigFormPage.html (also package: info.jtrac.wicket).
As I don't know wicket, I can't tell if there is some 'if..else' that can be used inside the HTML code. With that I could add change the input field to <tt>type="password"</tt> when the key contains the substring "password" or as in this case the concrete key "mail.server.password".
Ok, I almost thought the code below would fix it but wicket complains and throws the error at the end of this message...
-----------
/*
* We have to check if the 'param' field refers to a normal
* text that can to be edited or a password field.
* If it's password field we have to use the PasswordTextField,
* otherwise the text would be visible.
*/
if (this.param.toLowerCase().indexOf("password") != -1) {
// It seems to be a password field
add(new PasswordTextField("value"));
} else {
// It's a normal text field
add(new TextField("value"));
}
---------
Error thrown when run with the code above:
org.apache.wicket.markup.MarkupException: Component value must be applied to a t
ag with 'type' attribute matching 'password', not 'null'.
So simply replacing TextField with PasswordTextField doesn't work. As I'm off on vacation in a few hours I can't look into it in more detail. Maybe someone else could take a look.
Ok, fixed it but in the list with all the settings the password will be still visible!
Added two new files (ConfigPasswordFormPage.java and ConfigPasswordFormPage.html) and modded one (ConfigListPage.java).
I just checked in the modifications.
Fixed showing the current password in the editing dialog. Still the value is shown in the list of all configuration parameters. If someone doesn't like that feel free to open another ticket.