Show clear passwords in HTTP Authorization Manager

[asfimport]

Michel Nolard (Bug 42245):
Hi !

I found JMeter very useful and well done, so I want to contribute in my way by
pointing those little annoying things which the users have to put up with but
are quite simple to fix.

As my web application allows more than one user to work on a single document, I
have to use variables as user/password pairs in HTTP Authorization Manager to
switch dynamically between test accounts.

This works well, but I found it rather unpleasant that the HTTP Authorization
Manager is unable to display clear passwords when required, which would ease
typing the "${my_password}" things.

I suppose that a simple checkbox in the panel would suffice and provide all what
I am waiting for.

Go on with this good application !

Votes in Bugzilla: 1
OS: AIX

[asfimport]

Sebb (migrated from Bugzilla):
See also #1526

[asfimport]

Sebb (migrated from Bugzilla):
There are some work-rounds:

1. Edit the text in another field (e.g comment), and copy/paste into the
   password field.

2. Check in the JMX file.

I don't think its worth fixing. Maybe later.

[asfimport]

Michel Nolard (migrated from Bugzilla):
Maybe I don't really understand the problem. So, let me show you how I feel it,
then please explain where I misunderstood it.

Why does JMeter supports variables in password fields if they are not fully
supported ? It is a pain to have to copy-paste or manually edit the file when a
simple check box would have made it easier.
Why do we need to hide the password on screen while it is not encrypted in the
file ? If this is for security reasons, then it is only to protect against
people passing by users' desks. In that case, the check box would solve the
matter by completing this "hide my password" feature. Although, if it is not
interesting anymore, a replacement of the password fields by text fields would
help also, simply.

What's wrong with this ?

By the way, what does really mean "later" according to this project's release
cycle ?

Regards,

Michel Nolard

[asfimport]

Sebb (migrated from Bugzilla):
(In reply to comment 3)

Why does JMeter supports variables in password fields if they are not fully
supported ? It is a pain to have to copy-paste or manually edit the file
when a
simple check box would have made it easier.

Variables are supported. You can type directly into the field if you want.

Why do we need to hide the password on screen while it is not encrypted in
the
file ?

There is an outstanding enhancement request to fix this.

By the way, what does really mean "later" according to this project's release
cycle ?

Not for a while. Maybe never.
But if you can provide a patch it may happen quicker.
The patch would need to provide code and updated documentation and screnshots.

[asfimport]

Ravi Gill (migrated from Bugzilla):
This fixes the issue by allowing Editing in nomral readble text form.

Created attachment AuthPanel.java: Changed the password cell to not to use PasswordCellRenderer as Editor, hence when in edit mode the cell shows readable text, and in normal render it hides the pass by using PasswordCellRenderer

[asfimport]

@pmouawad (migrated from Bugzilla):
Date: Tue Jul 17 21:53:44 2012
New Revision: 1362678

URL: http://svn.apache.org/viewvc?rev=1362678&view=rev
Log:
#1927 - Show clear passwords in HTTP Authorization Manager
#1927

Modified:
jmeter/trunk/src/protocol/http/org/apache/jmeter/protocol/http/gui/AuthPanel.java
jmeter/trunk/xdocs/changes.xml

[asfimport]

@pmouawad (migrated from Bugzilla):
Thanks, applied.
By the way next time try to create a patch instead of attaching all file.

Regards
Philippe