Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to mask a password in macro browser?

S K Bera
S K Bera February 21, 2017

During insertion of a plugin macro in Confluence page, a password is input through Macro Browser by the editor of the page and the password remains exposed to other editor of the same Confluence page.

That's why it's better to mask the password. But the parameter options seem to have no such facilities presently.

What I need is support for type="password" as parameter options.

If suitable parameters option is not available, what is the alternative?

Answer
Watch
Like Be the first to like this
3209 views

6 answers

1 accepted

0 votes
Answer accepted
Davin Studer
Davin Studer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 24, 2017

So, there are a couple things that you should think about regarding this since you are developing the add-on yourself. If you truly want to hide the password from your users, then you probably don't want to do this the way you are thinking as the password would be stored in clear text in the Confluence storage format (which is easily accessible from https://yourserver/plugins/viewstorage/viewpagestorage.action?pageId=#####). Not only that your users could easily get the password with a very small amount of javascript run from the browser's dev console. A more typical approach would be to create a place in Confluence Admin where an admin could create canned SQL connections. Then in your macro you provide your users a drop down to select which connection they want. That would be a better method to secure your passwords. The way you are going about it would not be secure at all.

Reply
0 votes
S K Bera
S K Bera February 24, 2017

Thanks for clear explanation. I would try to create data sources in Confluence Admin to be later used from application.

Reply
0 votes
S K Bera
S K Bera February 23, 2017

I'm using confluence SDK environment for plugin development. My plugin is based on the setup created by the command "atlas-create-jira-plugin-module".

Reply
0 votes
Davin Studer
Davin Studer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 23, 2017

What is the add-on name, or is this something y'all have made yourselves?

Reply
0 votes
S K Bera
S K Bera February 23, 2017

It's a macro plugin for Confluence to query external database. Its parameter list goes like this in file "atlassian-plugin.xml":

<xhtml-macro name="database-query" class="com.atlassian.tutorial.macro.DatabaseQuery" key="database-query-macro">
<description key="database-query.macro.desc"/>
<category name="formatting"/>
<parameters>
<parameter name="Database_Type" type="enum">
<value name="MySql"/>
<value name="Oracle"/>
</parameter>

<parameter name="Host_Name" type="string"/>

<parameter name="Port" type="string"/>

<parameter name="SID_or_DB" type="string"/>

<parameter name="User_Name" type="string"/>

<parameter name="Password" type="username"/>

<parameter name="SQL" type="string"/>
</parameters>

 

At the end macro (JAR file) is added by add-on manager. When the macro is inserted to a Confluence page, Macro browser is opened to get the parameters (before preview).

The macro plugin works fine. Only problem is password field is exposed to other users also because it's not masked (what is done by a type "password" filed in html).

Is my description of the problem enough to understand?

Please reply.

Reply
0 votes
Davin Studer
Davin Studer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 22, 2017

What macro of what add-on is this for?

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events