Adding security group...
On Sat, Apr 26, 2014 at 4:25 PM, Hao Wang <[email protected]> wrote: > It is the client. I got this message with DEBUG enabled: > curl -i 'http://192.168.56.103:35357/v2.0/tokens' -X POST -H > "Content-Type: application/json" -H "Accept: application/json" -H > "User-Agent: python-novaclient" -d '{"auth": {"tenantName": "admin", > "passwordCredentials": {"username": "admin", "password": "admin"}}}' > > It can be seen that username and password are right in the message. > > Hao > > > On Sat, Apr 26, 2014 at 4:08 PM, Aaron Knister <[email protected]>wrote: > >> Was it the client or the server that exposed the credentials? >> >> Sent from my iPhone >> >> On Apr 26, 2014, at 2:28 PM, Hao Wang <[email protected]> wrote: >> >> Hi, >> >> I am troubleshooting a neutron case. It was just found that if DEBUG was >> enabled, neutron would print out JSON data with username and password. I am >> wondering what kind of protocol is used in production environment to >> prevent this security risk from happening. >> >> Thanks, >> Hao >> >> _______________________________________________ >> Mailing list: >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >> Post to : [email protected] >> Unsubscribe : >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >> >> >
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : [email protected] Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
