Author: coheigea
Date: Fri Nov 19 15:27:17 2010
New Revision: 1036890
URL: http://svn.apache.org/viewvc?rev=1036890&view=rev
Log:
[WSS-253] - UsernameTokenProcessor logs the password to the log
Modified:
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/UsernameTokenProcessor.java
Modified:
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/UsernameTokenProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/UsernameTokenProcessor.java?rev=1036890&r1=1036889&r2=1036890&view=diff
==============================================================================
---
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/UsernameTokenProcessor.java
(original)
+++
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/UsernameTokenProcessor.java
Fri Nov 19 15:27:17 2010
@@ -102,7 +102,7 @@ public class UsernameTokenProcessor impl
String pwType = ut.getPasswordType();
if (log.isDebugEnabled()) {
log.debug("UsernameToken user " + user);
- log.debug("UsernameToken password " + password);
+ log.debug("UsernameToken password type " + pwType);
}
Callback[] callbacks = new Callback[1];
@@ -135,9 +135,6 @@ public class UsernameTokenProcessor impl
);
}
origPassword = pwCb.getPassword();
- if (log.isDebugEnabled()) {
- log.debug("UsernameToken callback password " + origPassword);
- }
if (origPassword == null) {
if (log.isDebugEnabled()) {
log.debug("Callback supplied no password for: " + user);
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
