OJS development discussion, enhancement requests, third-party patches and plug-ins.
Moderators: jmacgreg, btbell, michael, bdgregg, barbarah, asmecher
The Public Knowledge Project Support Forum is moving to http://forum.pkp.sfu.ca
This forum will be maintained permanently as an archived historical resource, but all new questions should be added to the new forum. Questions will no longer be monitored on this old forum after March 30, 2015.
In the LDAP authentication sources set up for LDAP, it shows the saved Manager password in cleartext on the form. Wouldn't it be a good idea to not show it at all? The one editing the form should know it already, but to prevent trouble I'd prefer to know that no one will ever see the password again.
Similarly when typing in the password there, can it also be hidden or shown as * instead?
- Posts: 112
- Joined: Mon Jun 25, 2007 1:23 pm
- Location: British Columbia, Canada
Agreed -- passwords should never be echoed back to the browser. This isn't a high priority fix for us, as the LDAP configuration form is not a regularly-used page, but I've created a Bugzilla entry for a future release; see http://pkp.sfu.ca/bugzilla/show_bug.cgi?id=2971
Public Knowledge Project Team
- Posts: 10015
- Joined: Wed Aug 10, 2005 12:56 pm
Return to OJS Development
Who is online
Users browsing this forum: obi and 1 guest