Qi Lu created CXF-6824:
--------------------------
Summary: Logs output User Password In Plain Text at INFO level
Key: CXF-6824
URL: https://issues.apache.org/jira/browse/CXF-6824
Project: CXF
Issue Type: Bug
Components: logging
Affects Versions: 2.7.16
Environment: Windows server, Java 8 and Apache CXF 2.7.16.
Reporter: Qi Lu
In a http soap webservice call, the user password was output in plain text in
the log at INFO level. This leads to security concerns of the application
building on top it. User password is very sensitive information, it should not
be at the INFO log level.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
