[jboss-jira] [JBoss JIRA] (ELY-1359) Mask password when logging LDAP connection environment

Ilia Vassilev (JIRA) issues at jboss.org
Thu Sep 7 09:22:00 EDT 2017


     [ https://issues.jboss.org/browse/ELY-1359?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ilia Vassilev reassigned ELY-1359:
----------------------------------

    Assignee: Ilia Vassilev  (was: Darran Lofthouse)


> Mask password when logging LDAP connection environment
> ------------------------------------------------------
>
>                 Key: ELY-1359
>                 URL: https://issues.jboss.org/browse/ELY-1359
>             Project: WildFly Elytron
>          Issue Type: Bug
>            Reporter: Martin Choma
>            Assignee: Ilia Vassilev
>            Priority: Critical
>
> When TRACE logging is set, the password is logged into the log.
> {code}
> 14:41:28,701 DEBUG [org.wildfly.security] (default task-36) Creating [class javax.naming.directory.InitialDirContext] with environment:
> 14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.security.credentials] with value [[s, e, c, r, e, t]]
> 14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.ldap.factory.socket] with value [org.wildfly.security.auth.realm.ldap.ThreadLocalSSLSocketFactory]
> 14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.security.authentication] with value [simple]
> 14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.provider.url] with value [ldaps://localhost.localdomain:15636 ldaps://localhost.localdomain:15637 ldaps://localhost.localdomain:15638]
> 14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [com.sun.jndi.ldap.read.timeout] with value [60000]
> 14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [com.sun.jndi.ldap.connect.pool] with value [false]
> 14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [com.sun.jndi.ldap.connect.timeout] with value [5000]
> 14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.security.principal] with value [uid=admin,ou=system]
> 14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.referral] with value [ignore]
> 14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.factory.initial] with value [com.sun.jndi.ldap.LdapCtxFactory]
> {code}
> There was a similar PicketBox issue in the past, based on a customer request [1]
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1020663



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
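
One way to keep the bind credential out of output like the log quoted above, as an added example that is not part of the original message and is not the WildFly Elytron fix. The class and method names (`LdapEnvLogging`, `isSensitive`, `render`, `describe`) and the substring heuristic are assumptions; the property names and sample values are taken from the quoted log.

```java
import java.util.Hashtable;
import java.util.Locale;
import java.util.Map;
import javax.naming.Context;

// Hypothetical helper: formats a JNDI environment for logging with secrets masked.
public class LdapEnvLogging {
    // Fixed-length mask, so the log does not reveal the password length either.
    static final String MASK = "******";

    // Exact match on the JNDI credentials key, plus a heuristic (assumption)
    // for vendor-specific keys that carry secrets.
    static boolean isSensitive(String key) {
        if (Context.SECURITY_CREDENTIALS.equals(key)) {
            return true; // java.naming.security.credentials
        }
        String k = key.toLowerCase(Locale.ROOT);
        return k.contains("password") || k.contains("credential");
    }

    // Decide by key, never by value type: credentials may be a String,
    // a char[] or a byte[] depending on how the caller populated the environment.
    static String render(String key, Object value) {
        if (isSensitive(key)) {
            return MASK;
        }
        return String.valueOf(value);
    }

    static String describe(Hashtable<String, Object> env) {
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, Object> e : env.entrySet()) {
            sb.append(String.format("    Property [%s] with value [%s]%n",
                    e.getKey(), render(e.getKey(), e.getValue())));
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        // Environment constructed from the values shown in the quoted log.
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldaps://localhost.localdomain:15636");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
        env.put(Context.SECURITY_CREDENTIALS, "secret".toCharArray());
        System.out.print(describe(env));
    }
}
```

Masking at the point of formatting protects new log lines only; log files already written at this level still hold the bind password, so the account's credential should be rotated and those files access-restricted or purged.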

