Uploaded image for project: 'Qpid'
  1. Qpid
  2. QPID-6365

[Java Broker] Secure management attributes need to be masked all the time

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 0.30
    • 0.31
    • Broker-J
    • None

    Description

      In the REST API, the values of secure management attributes are currently provided to authenticated users if "actuals" request parameter is set to true. This means if the user is using an insecure HTTP transport, the secure value will go over the wire unencrypted.

      Attachments

        Activity

          People

            kwall Keith Wall
            orudyy Alex Rudyy
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: