Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.0-M24
    • Fix Version/s: 2.0.0.AM25
    • Component/s: None
    • Labels: None

      Description

      It is a bad practice to log credentials (e.g. LDAP bind request). There are several places where bindContext is logged. See class AuthenticatorInterceptor:

      LOG.info("Authenticator {} failed to authenticate: {}", authenticator, bindContext);
      LOG.info("Unexpected failure for Authenticator {} : {}", authenticator, bindContext);

      This will result in:

       

      failed to authenticate: BindContext for Dn 'uid=avthart@gmail.com,ou=vanadenovation', credentials <0x6D 0x79 0x76 0x65 0x72 0x79 0x73 0x65 0x63 0x72 0x65 0x74 0x70 0x61 0x73 0x73 0x77 0x6F 0x72 0x64> 
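
An added example, not part of the original report or the project's code: a Python scrubber for log files already written with this message format. It matches the `credentials <0x..>` dump shown above, redacts the bytes, and reports which DNs were exposed so those passwords can be rotated. The function names and the sample lines are constructed for illustration.

```python
import re

# Matches the leak format from the log line in this report:
#   BindContext for Dn '<dn>', credentials <0x6D 0x79 ...>
# The DN is matched non-greedily so a DN containing an apostrophe still works.
LEAK_RE = re.compile(
    r"(BindContext for Dn '(?P<dn>.*?)', credentials )"
    r"<(?P<hex>(?:0x[0-9A-Fa-f]{2}\s*)+)>"
)


def scrub_line(line):
    """Return (redacted_line, list of DNs whose credentials were in the line)."""
    exposed = []

    def _redact(match):
        exposed.append(match.group("dn"))
        nbytes = len(match.group("hex").split())
        # Keep the byte count for triage; drop the credential bytes themselves.
        return f"{match.group(1)}<redacted {nbytes} bytes>"

    return LEAK_RE.sub(_redact, line), exposed


def scrub_log(lines):
    """Redact every line; return (clean_lines, {dn: number_of_exposures})."""
    clean, hits = [], {}
    for line in lines:
        redacted, exposed = scrub_line(line)
        clean.append(redacted)
        for dn in exposed:
            hits[dn] = hits.get(dn, 0) + 1
    return clean, hits


# Constructed sample input (not real log data); the hex bytes are made up.
SAMPLE = [
    "INFO Authenticator simple failed to authenticate: BindContext for Dn "
    "'uid=alice,ou=users', credentials <0x73 0x33 0x63 0x72 0x33 0x74>",
    "INFO Server started on port 10389",
    "INFO Unexpected failure for Authenticator simple : BindContext for Dn "
    "'uid=alice,ou=users', credentials <0x61 0x62>",
]

if __name__ == "__main__":
    cleaned, exposed_dns = scrub_log(SAMPLE)
    print("\n".join(cleaned))
    print("Rotate credentials for:", exposed_dns)
```
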
      

            People

            • Assignee: Unassigned
            • Reporter: Albert van 't Hart (albertvth)