You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by co...@apache.org on 2010/11/19 16:34:22 UTC
svn commit: r1036901 - in /webservices/wss4j/trunk: ./
src/org/apache/ws/security/WSDocInfo.java
src/org/apache/ws/security/components/crypto/AbstractCrypto.java
src/org/apache/ws/security/processor/UsernameTokenProcessor.java
test/log4j.properties
Author: coheigea
Date: Fri Nov 19 15:34:22 2010
New Revision: 1036901
URL: http://svn.apache.org/viewvc?rev=1036901&view=rev
Log:
[WSS-253] - UsernameTokenProcessor logs the password to the log
Modified:
webservices/wss4j/trunk/ (props changed)
webservices/wss4j/trunk/src/org/apache/ws/security/WSDocInfo.java (props changed)
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/AbstractCrypto.java
webservices/wss4j/trunk/src/org/apache/ws/security/processor/UsernameTokenProcessor.java
webservices/wss4j/trunk/test/log4j.properties (props changed)
Propchange: webservices/wss4j/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Nov 19 15:34:22 2010
@@ -1 +1 @@
-/webservices/wss4j/branches/1_5_x-fixes:996180,996298,996339,997529,997535,1001926,1002116,1002347,1032939,1036805
+/webservices/wss4j/branches/1_5_x-fixes:996180,996298,996339,997529,997535,1001926,1002116,1002347,1032939,1036805,1036890
Propchange: webservices/wss4j/trunk/src/org/apache/ws/security/WSDocInfo.java
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Nov 19 15:34:22 2010
@@ -1 +1 @@
-/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/WSDocInfo.java:947604,996180,996298,996339,997529,997535,1001926,1002116,1002347,1032939,1036805
+/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/WSDocInfo.java:947604,996180,996298,996339,997529,997535,1001926,1002116,1002347,1032939,1036805,1036890
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/AbstractCrypto.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/AbstractCrypto.java?rev=1036901&r1=1036900&r2=1036901&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/AbstractCrypto.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/AbstractCrypto.java Fri Nov 19 15:34:22 2010
@@ -222,8 +222,6 @@ public abstract class AbstractCrypto ext
java.net.URL url = Loader.getResource(loader, location);
if (url != null) {
is = url.openStream();
- } else {
- is = new java.io.FileInputStream(location);
}
//
Modified: webservices/wss4j/trunk/src/org/apache/ws/security/processor/UsernameTokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/processor/UsernameTokenProcessor.java?rev=1036901&r1=1036900&r2=1036901&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/processor/UsernameTokenProcessor.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/processor/UsernameTokenProcessor.java Fri Nov 19 15:34:22 2010
@@ -101,7 +101,7 @@ public class UsernameTokenProcessor impl
String pwType = ut.getPasswordType();
if (log.isDebugEnabled()) {
log.debug("UsernameToken user " + user);
- log.debug("UsernameToken password " + password);
+ log.debug("UsernameToken password type " + pwType);
}
//
// If the UsernameToken is hashed or plaintext, then retrieve the password from the
@@ -130,9 +130,6 @@ public class UsernameTokenProcessor impl
);
}
String origPassword = pwCb.getPassword();
- if (log.isDebugEnabled()) {
- log.debug("UsernameToken callback password " + origPassword);
- }
if (origPassword == null) {
if (log.isDebugEnabled()) {
log.debug("Callback supplied no password for: " + user);
Propchange: webservices/wss4j/trunk/test/log4j.properties
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Nov 19 15:34:22 2010
@@ -1 +1 @@
-/webservices/wss4j/branches/1_5_x-fixes/test/log4j.properties:1036805
+/webservices/wss4j/branches/1_5_x-fixes/test/log4j.properties:1036805,1036890
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org