[CAMEL-15563] Sensitive keys are logged in auto-configuration summary - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.3.0, 3.5.0
Fix Version/s: 3.4.4, 3.6.0
Component/s: camel-main
Labels:
None

Estimated Complexity:
Novice

Description

Hello

Using camel 3.3.0 in a quarkus app, on startup we get a log statement like this:

Sep 22, 2020 12:08:35 AM org.apache.camel.main.BaseMainSupport autoconfigure
INFO: Auto-configuration summary:
Sep 22, 2020 12:08:36 AM org.apache.camel.main.BaseMainSupport lambda$autoconfigure$0
INFO: camel.component.activemq.password=password
Sep 22, 2020 12:08:36 AM org.apache.camel.main.BaseMainSupport lambda$autoconfigure$0
INFO: camel.component.activemq.username=username

We would expect to see, based on BaseMainSupport.java the following:

INFO: camel.component.activemq.password=xxxxxx

When I debug this I see the following on BaseMainSupport.autoconfigure(CamelContext camelContext) (line 536):

We can work around by disabling the auto-configuration summary or disabling the logger for BaseMainSupport.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

image-2020-09-21-19-16-25-858.png
22/Sep/20 00:16
24 kB
Aaron Oakley

Issue Links

relates to

CAMEL-15565 camel-main - camel.beans configuration should support lookup existing bean

Resolved

Activity

People

Assignee:: Claus Ibsen

Reporter:: Aaron Oakley

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 22/Sep/20 00:19

Updated:: 22/Sep/20 05:08

Resolved:: 22/Sep/20 05:08