[jboss-cvs] JBossAS SVN: r60603 - projects/security/trunk/src/main/org/jboss/security/auth/spi.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Sat Feb 17 19:03:14 EST 2007
Author: scott.stark at jboss.org
Date: 2007-02-17 19:03:14 -0500 (Sat, 17 Feb 2007)
New Revision: 60603
Modified:
projects/security/trunk/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java
Log:
JBAS-4114, mask the BIND_CREDENTIAL in trace logging
Modified: projects/security/trunk/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java
===================================================================
--- projects/security/trunk/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java 2007-02-18 00:01:38 UTC (rev 60602)
+++ projects/security/trunk/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java 2007-02-18 00:03:14 UTC (rev 60603)
@@ -530,10 +530,13 @@
{
Properties tmp = new Properties();
tmp.putAll(env);
- tmp.setProperty(Context.SECURITY_CREDENTIALS, "***");
+ if( tmp.containsKey(BIND_CREDENTIAL) )
+ tmp.setProperty(BIND_CREDENTIAL, "***");
+ if( tmp.containsKey(Context.SECURITY_CREDENTIALS) )
+ tmp.setProperty(Context.SECURITY_CREDENTIALS, "***");
log.trace("Logging into LDAP server, env=" + tmp.toString());
}
- }
+ }
//JBAS-3438 : Handle "/" correctly
private String canonicalize(String searchResult)
More information about the jboss-cvs-commits
mailing list