[
https://issues.apache.org/jira/browse/CAMEL-23998?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Work on CAMEL-23998 started by Federico Mariani.
------------------------------------------------
> Mark sensitive component options with security=secret and tag insecure SSL
> flags
> --------------------------------------------------------------------------------
>
> Key: CAMEL-23998
> URL: https://issues.apache.org/jira/browse/CAMEL-23998
> Project: Camel
> Issue Type: Improvement
> Reporter: Federico Mariani
> Assignee: Federico Mariani
> Priority: Major
>
> Sweep across components to fix missing security metadata on options, so
> sensitive values are masked (JMX, camel-jbang, endpoint URI dumps) and
> insecure flags are visible to the security policy ({{camel.security.*}}).
> Sensitive options not marked as secret:
> * camel-openai: component-level {{apiKey}}
> * camel-huggingface: {{authToken}}
> * camel-vertx-http: {{basicAuthPassword}}, {{bearerToken}}, {{proxyPassword}}
> (endpoint + component level)
> * camel-servicenow: {{proxyPassword}}
> * camel-smpp: {{httpProxyPassword}}
> * camel-twitter: {{httpProxyPassword}}
> * camel-geocoder: {{proxyAuthPassword}}
> * camel-huaweicloud-dms: {{password}}, {{kafkaManagerPassword}}
> * camel-weather: {{appid}}, {{geolocationAccessKey}}
> * camel-jcr: {{password}}
> * camel-wordpress: {{password}}
> * camel-whatsapp: {{webhookVerifyToken}} (and migrate {{webhookSecret}} from
> deprecated {{secret=true}} to {{security="secret"}})
> Insecure TLS toggles not tagged for the security policy:
> * camel-oaipmh: {{ignoreSSLWarnings}} -> {{security="insecure:ssl"}}
> * camel-ibm-watsonx-ai: {{verifySsl}} -> {{security="insecure:ssl",
> insecureValue="false"}} (also relabel from advanced to security)
> _Filed by Claude Code on behalf of Federico Mariani_
--
This message was sent by Atlassian Jira
(v8.20.10#820010)