When run in DEBUG, the Qpid client logs the trust store/key store passwords to the log. This could present a security issue.
main 2012-09-29 22:32:54,558 DEBUG [apache.qpid.client.AMQConnection] Connection(1):amqp://guest:********@test/?brokerlist='tcp://localhost:15671?trust_store_password='password'&trust_store='test-profiles/test_resources/ssl/java_client_truststore.jks'&ssl_verify_hostname='true'&ssl='true'&key_store_password='password'&key_store='test-profiles/test_resources/ssl/java_client_keystore.jks''
The code should be changed to mask these passwords in the same fashion as the client's password. This change was made by