ARTEMIS-3176 don't log JDBC datasource 'password' property#3488
ARTEMIS-3176 don't log JDBC datasource 'password' property#3488jbertram wants to merge 1 commit intoapache:masterfrom
Conversation
| .keySet() | ||
| .stream() | ||
| .map(key -> key + "=" + dataSourceProperties.get(key)) | ||
| .map(key -> key + "=" + (key.equals("password") ? "****" : dataSourceProperties.get(key))) |
There was a problem hiding this comment.
It would only be uppercase if org.apache.activemq.artemis.core.config.storage.DatabaseStorageConfiguration#getDataSource changes. It's hard-coded to use password.
I thought about making it a constant, but to be able to use it from org.apache.activemq.artemis.jdbc.store.drivers.JDBCDataSourceUtils I'd have to move it (and org.apache.activemq.artemis.core.config.StoreConfiguration) out of the artemis-server module and into the artemis-commons module.
There was a problem hiding this comment.
Could a user set the password using a data-source-property with an uppercase key?
<data-source-property key="PASSWORD" value="artemis" />
There was a problem hiding this comment.
@brusdev, yes, I would assume that's theoretically possible. I will update the PR to use equalsIgnoreCase instead of equals.
2 participants
No description provided.