[jbosscache-issues] [JBoss JIRA] (JBCACHE-1612) JBoss Cache NonManagedConnectionFactory will log the password in clear text when an exception occurs
Tom Fonteyne (Assigned) (JIRA)
jira-events at lists.jboss.org
Tue Jan 3 12:21:10 EST 2012
[ https://issues.jboss.org/browse/JBCACHE-1612?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tom Fonteyne reassigned JBCACHE-1612:
-------------------------------------
Assignee: Tom Fonteyne (was: Manik Surtani)
> JBoss Cache NonManagedConnectionFactory will log the password in clear text when an exception occurs
> ----------------------------------------------------------------------------------------------------
>
> Key: JBCACHE-1612
> URL: https://issues.jboss.org/browse/JBCACHE-1612
> Project: JBoss Cache
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Cache loaders
> Affects Versions: 3.2.8.GA
> Environment: all
> Reporter: Tom Fonteyne
> Assignee: Tom Fonteyne
>
> http://anonsvn.jboss.org/repos/jbosscache/core/trunk/src/main/java/org/jboss/cache/loader/NonManagedConnectionFactory.java
> 088 public Connection getConnection()
> 089 {
> ......
> 099 catch (SQLException e)
> 100 {
> 101 reportAndRethrowError("Failed to get connection for url=" + url + ", user=" + usr + ", password=" + pwd, e);
> So upon a connection error, the user/password will end up in the logfile in clear text
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jbosscache-issues
mailing list