[jboss-jira] [JBoss JIRA] (JBMAN-97) Passwords are getting logged through org.jboss.resource.connectionmanager.ManagedConnectionFactoryDeployment Class if we keep the logging level in debug mode.
Rahul Singh (JIRA)
jira-events at lists.jboss.org
Tue Apr 3 03:05:47 EDT 2012
Rahul Singh created JBMAN-97:
--------------------------------
Summary: Passwords are getting logged through org.jboss.resource.connectionmanager.ManagedConnectionFactoryDeployment Class if we keep the logging level in debug mode.
Key: JBMAN-97
URL: https://issues.jboss.org/browse/JBMAN-97
Project: JBoss Managed
Issue Type: Bug
Reporter: Rahul Singh
The passwords are getting logged in debug level For example we can see the below entries in logs
2012-03-08 12:21:28,108 DEBUG [org.jboss.resource.connectionmanager.ManagedConnectionFactoryDeployment] [ main] setting property: XADataSourceProperties to value URL=jdbc:sqlserver://xxxxx:1433;databaseName=password;responseBuffering=full;SelectMethod=cursor;
User=sa
Password=root
Password is coming in plain text through debug logging.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list