[jira] [Resolved] (CAMEL-7587) MessageHistory stores passwords in plain text

Willem Jiang (JIRA) Wed, 09 Jul 2014 22:59:17 -0700

     [ 
https://issues.apache.org/jira/browse/CAMEL-7587?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Willem Jiang resolved CAMEL-7587.
---------------------------------

       Resolution: Fixed
    Fix Version/s: 2.14.0
                   2.13.3
                   2.12.5

Applied the patch into master, camel-2.13.x and camel-2.12.x branches.

> MessageHistory stores passwords in plain text
> ---------------------------------------------
>
>                 Key: CAMEL-7587
>                 URL: https://issues.apache.org/jira/browse/CAMEL-7587
>             Project: Camel
>          Issue Type: Bug
>          Components: camel-core
>    Affects Versions: 2.13.2
>            Reporter: Marco Zapletal
>            Assignee: Willem Jiang
>            Priority: Minor
>             Fix For: 2.12.5, 2.13.3, 2.14.0
>
>
> The MessageHistory feature currently keeps passwords in plain text in case 
> they are part of the URI. 
> MessageHelper.doDumpMessageHistoryStacktrace() does some sanitizing, but only 
> for the from node - other nodes/processors are currently not sanitized. 
> In order to prevent handling sensitive information in the message history in 
> general, I would suggest to sanitize the URI already when storing a 
> MessageHistory item. 



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Resolved] (CAMEL-7587) MessageHistory stores passwords in plain text

Reply via email to