[
https://issues.apache.org/jira/browse/KARAF-7537?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17612907#comment-17612907
]
ASF subversion and git services commented on KARAF-7537:
--------------------------------------------------------
Commit 702d69c1f72b4a15684f583937de7c467849341f in karaf's branch
refs/heads/karaf-4.3.x from Colm O hEigeartaigh
[ https://gitbox.apache.org/repos/asf?p=karaf.git;h=702d69c1f7 ]
KARAF-7537 - Password displayed in console using repo-list
(cherry picked from commit 2a6adc8a9821aa50e37ebc5a2426ee2347ff0915)
> Password displayed in console using repo-list
> ---------------------------------------------
>
> Key: KARAF-7537
> URL: https://issues.apache.org/jira/browse/KARAF-7537
> Project: Karaf
> Issue Type: Wish
> Affects Versions: 4.3.7
> Reporter: Colm O hEigeartaigh
> Assignee: Jean-Baptiste Onofré
> Priority: Major
> Fix For: 4.3.8, 4.4.2
>
>
> If you add a feature repository with a user credential, e.g.:
> {code:java}
> repo-add
> mvn:https://user:[email protected]/maven2!org.apache.cxf.karaf/apache-cxf/3.5.3/xml/features
> {code}
> Then Karaf displays the password in full in the console with:
> {code:java}
> repo-list | grep password
> cxf-3.5.3 │
> mvn:https://user:[email protected]/maven2!org.apache.cxf.karaf/apache-cxf/3.5.3/xml/features
> {code}
> For repos that contain a password, it would be more secure if the password
> was redacted for logging/display purposes.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
