[
https://issues.apache.org/jira/browse/CAMEL-7067?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13848348#comment-13848348
]
Gregor Zurowski commented on CAMEL-7067:
----------------------------------------
I fully agree, the use of exchange properties in the current JCR component
implementation is conceptually wrong. As initially stated, the patch was meant
as a quick fix, so no credentials and other sensitive data are stored in
created nodes. I will refactor the JCR component in order to use body/headers
and submit another patch.
> JcrProducer should not store all exchange properties in the target JCR node
> ---------------------------------------------------------------------------
>
> Key: CAMEL-7067
> URL: https://issues.apache.org/jira/browse/CAMEL-7067
> Project: Camel
> Issue Type: Improvement
> Components: camel-jcr
> Affects Versions: 2.12.2
> Reporter: Gregor Zurowski
> Fix For: 2.12.3, 2.13.0
>
> Attachments: CAMEL-7067.patch
>
>
> The CamelJcrInsert operation in JcrProducer stores all exchange properties in
> the target JCR node including all Camel properties that are found in the
> incoming exchange. This means that non-relevant data is persisted in JCR
> nodes including sensitive information such as username and password that is
> part of the URI in the CamelToEndpoint exchange property. Other examples of
> such properties include CamelJcrNodeName and CamelExternalRedelivered.
--
This message was sent by Atlassian JIRA
(v6.1.4#6159)
