You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@brooklyn.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/04/27 22:00:06 UTC

[jira] [Commented] (BROOKLYN-269) Sensitive external values exposed in debug logs when using external config supplier

    [ https://issues.apache.org/jira/browse/BROOKLYN-269?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15987781#comment-15987781 ] 

ASF GitHub Bot commented on BROOKLYN-269:
-----------------------------------------

GitHub user aledsage opened a pull request:

    https://github.com/apache/brooklyn-server/pull/659

    BROOKLYN-269: don’t log sensitive resolved DSL values

    See https://issues.apache.org/jira/browse/BROOKLYN-269

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/aledsage/brooklyn-server BROOKLYN-269

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/brooklyn-server/pull/659.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #659
    
----
commit 12065846ecfa79e202825f2af857fce30bdd38d2
Author: Aled Sage <al...@gmail.com>
Date:   2017-04-27T21:49:42Z

    BROOKLYN-269: don’t log sensitive resolved DSL values

----


> Sensitive external values exposed in debug logs when using external config supplier
> -----------------------------------------------------------------------------------
>
>                 Key: BROOKLYN-269
>                 URL: https://issues.apache.org/jira/browse/BROOKLYN-269
>             Project: Brooklyn
>          Issue Type: Bug
>    Affects Versions: 0.10.0
>            Reporter: John McCabe
>
> Passwords etc are exposed in debug logs when using an external config supplied, in this case {{org.apache.brooklyn.core.config.external.InPlaceExternalConfigSupplier}}
> {code}
>     password: $brooklyn:external("my-credentials", "supersecretpassword")
> {code}
> {code}
> 2016-05-18 07:51:27,979 DEBUG o.a.b.c.b.s.d.BrooklynDslDeferredSupplier [brooklyn-execmanager-ajTGRUqW-212]: Resolved supersecretpassword from $brooklyn:external("my-credentials", "password")
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)