On 22/03/2013 09:26, Konstantin Kolinko wrote: > 2013/3/22 Mark Thomas <ma...@apache.org>: >> On 22/03/2013 09:16, kkoli...@apache.org wrote: >>> Author: kkolinko >>> Date: Fri Mar 22 09:16:06 2013 >>> New Revision: 1459681 >>> >>> URL: http://svn.apache.org/r1459681 >>> Log: >>> Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54599 >>> jdbc-pool: Do not expose connection password via DataSource.toString(). >>> Based on a patch by Daniel Mikusa >> >> I don't like the precedent this sets. >> >> JMX is an admin interface. Admins have access to passwords. There is a >> whole bunch of similar information exposed via JMX and I don't think we >> should start down the road of trying to hide it all. >> > > This is about toString() method. > > JMX is a different issue with its own bug report which, I agree, has > to be closed as WONTFIX.
Sorry - read it too fast while I had my mind on something else. Thanks for putting me right. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
