WildFly Elytron / ELY-1359

Mask password when logging LDAP connection environment


    • Type: Bug
    • Resolution: Done
    • Priority: Critical
    • 1.2.0.Beta5

      When TRACE logging is set, the password is logged into the log.

      14:41:28,701 DEBUG [org.wildfly.security] (default task-36) Creating [class javax.naming.directory.InitialDirContext] with environment:
      14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.security.credentials] with value [[s, e, c, r, e, t]]
      14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.ldap.factory.socket] with value [org.wildfly.security.auth.realm.ldap.ThreadLocalSSLSocketFactory]
      14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.security.authentication] with value [simple]
      14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.provider.url] with value [ldaps://localhost.localdomain:15636 ldaps://localhost.localdomain:15637 ldaps://localhost.localdomain:15638]
      14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [com.sun.jndi.ldap.read.timeout] with value [60000]
      14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [com.sun.jndi.ldap.connect.pool] with value [false]
      14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [com.sun.jndi.ldap.connect.timeout] with value [5000]
      14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.security.principal] with value [uid=admin,ou=system]
      14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.referral] with value [ignore]
      14:41:28,701 DEBUG [org.wildfly.security] (default task-36)     Property [java.naming.factory.initial] with value [com.sun.jndi.ldap.LdapCtxFactory]
      

      There was a similar PicketBox issue in the past, based on a customer request [1].

      [1] https://bugzilla.redhat.com/show_bug.cgi?id=1020663

              rhn-support-ivassile Ilia Vassilev
              mchoma@redhat.com Martin Choma
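One way to mask credentials when logging a JNDI environment such as the one in the log excerpt above, written here as an added example; it is not Elytron's code or the fix applied for this issue. The class name `MaskedLdapEnvLog`, the `SECRET_KEYS` set and the `******` mask are assumptions.

```java
import java.util.Hashtable;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import javax.naming.Context;

// Added example (not Elytron code): format a JNDI environment for logging
// without ever rendering the values of secret-bearing properties.
public class MaskedLdapEnvLog {

    // Assumption: keys treated as secret. Context.SECURITY_CREDENTIALS is
    // the standard constant for "java.naming.security.credentials".
    static final Set<String> SECRET_KEYS = Set.of(Context.SECURITY_CREDENTIALS);
    static final String MASK = "******";

    // Returns one line per property, sorted by key so the output is stable.
    static String describe(Hashtable<String, Object> env) {
        Map<String, Object> sorted = new TreeMap<>(env);
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, Object> e : sorted.entrySet()) {
            sb.append("Property [").append(e.getKey()).append("] with value [")
              .append(render(e.getKey(), e.getValue())).append("]\n");
        }
        return sb.toString();
    }

    // Decide by key first: credentials may arrive as String, char[] or byte[].
    // Raw character/byte buffers under any other key are masked too (fail closed).
    static String render(String key, Object value) {
        if (SECRET_KEYS.contains(key)) return MASK;
        if (value instanceof char[] || value instanceof byte[]) return MASK;
        return String.valueOf(value);
    }

    public static void main(String[] args) {
        // Constructed sample mirroring the properties shown in the log excerpt.
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldaps://localhost.localdomain:15636");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
        env.put(Context.SECURITY_CREDENTIALS, "secret".toCharArray());
        String out = describe(env);
        if (out.contains("s, e, c, r, e, t") || out.contains("secret")) {
            throw new IllegalStateException("credential value reached the log output");
        }
        System.out.print(out);
    }
}
```

Masking at the formatting step keeps the credential out of every log level, so the protection does not depend on DEBUG or TRACE being disabled in production.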