Closed Cisien closed 6 years ago
Which version of HF.core are you using ?
I don’t have that problem
Relavant Packages:
<PackageReference Include="HangFire" Version="1.6.17" />
<PackageReference Include="Hangfire.AspNetCore" Version="1.6.17" />
<PackageReference Include="Hangfire.Redis.StackExchange.StrongName" Version="1.7.0" />
Initialization Code:
//ConfigureServices
var redisConnecton = ConnectionMultiplexer.Connect(Configuration.GetConnectionString("Redis"));
services.AddHangfire(a =>
{
a.UseRedisStorage(redisConnecton, new Hangfire.Redis.RedisStorageOptions
{
Prefix = "pfx:",
SucceededListSize = 10000,
DeletedListSize = 1000
});
});
//Configure
app.UseHangfireDashboard("/jobs", new DashboardOptions { AppPath = "/jobs", StatsPollingInterval = 1000 });
app.UseHangfireServer(new BackgroundJobServerOptions {
WorkerCount = 20
});
Connection String in config:
"ConnectionStrings": {
"Redis": "-----------.redis.cache.windows.net:6380,password=-------------------------------,ssl=True,abortConnect=False"
}
Oh, can you try accessing the dashboard not from localhost ?
I found a similar issue over at the Hangfire repo: https://github.com/HangfireIO/Hangfire/issues/802
Yes, but as far as i remember it has been solved and now the dashboard only shows full info when accessed from localhost. Anyway, you can prevent the connectionstring to be displayed at all by setting DisplayStorageConnectionString = false; in DashboadOptions (see https://github.com/HangfireIO/Hangfire/commit/0394c63c0fa6b7590569f4be1b6d1a40aae4bc86)
Interesting. I'm getting the connection string when hosting locally in docker (using the docker container ID or IP to access the dashboard).
It looks like the DisplayStorageConnectionString setting hasn't made it into the released nuget packages. I'll keep an eye open for that change. Thanks for the help!
One of the first things I noticed when configuring the Hangfire.Redis.StacExchange storage layer was that the entire connection string is being displayed in the footer of the Hangfire dashboard, including the password.
How can I prevent it from displaying the password? If I can't, I'd like to request a change so the password part of the connection string is not displayed to everyone with the ability to login to the dashboard page.
redis://----------.redis.cache.windows.net:6380,password=---------------------------------------------,ssl=True,abortConnect=False/0