[jira] [Closed] (JCLOUDS-933) username & password are displayed in logs in case of authentication or invalid host errors

Ignasi Barrera (JIRA) Thu, 11 Jun 2015 06:33:35 -0700

     [ 
https://issues.apache.org/jira/browse/JCLOUDS-933?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Ignasi Barrera closed JCLOUDS-933.
----------------------------------

> username & password are displayed in logs in case of authentication or 
> invalid host errors
> ------------------------------------------------------------------------------------------
>
>                 Key: JCLOUDS-933
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-933
>             Project: jclouds
>          Issue Type: Bug
>          Components: jclouds-core
>    Affects Versions: 1.8.1
>            Reporter: Alexei Yarilovets
>            Priority: Critical
>              Labels: authentication, logging, security
>
> Try to connect to unknown host, will get username & password printed in logs.
> For example:
> 2015-06-02 16:43:23,743 ERROR [t-main] [BackoffLimitedRetryHandler] - Cannot 
> retry after server error, command has exceeded retry limit 0: 
> [method=org.jclouds.openstack.keystone.v2_0.AuthenticationApi.public abstract 
> org.jclouds.openstack.keystone.v2_0.domain.Access 
> org.jclouds.openstack.keystone.v2_0.AuthenticationApi.authenticateWithTenantNameAndCredentials(java.lang.String,org.jclouds.openstack.keystone.v2_0.domain.PasswordCredentials)[null,
>  PasswordCredentials{username=a, password=z}], request=POST 
> HTTP://1.1.1.1:5000/v2.0/tokens HTTP/1.1] 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Closed] (JCLOUDS-933) username & password are displayed in logs in case of authentication or invalid host errors

Reply via email to