You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@continuum.apache.org by "Maria Catherine Tan (JIRA)" <ji...@codehaus.org> on 2009/07/28 05:01:57 UTC
[jira] Closed: (CONTINUUM-2314) Password is printed in logs in
clear text when adding a project fails
[ http://jira.codehaus.org/browse/CONTINUUM-2314?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Maria Catherine Tan closed CONTINUUM-2314.
------------------------------------------
Resolution: Fixed
fixed in
r798376 of 1.3.x branch
r798377 of trunk
> Password is printed in logs in clear text when adding a project fails
> ---------------------------------------------------------------------
>
> Key: CONTINUUM-2314
> URL: http://jira.codehaus.org/browse/CONTINUUM-2314
> Project: Continuum
> Issue Type: Bug
> Components: Security
> Affects Versions: 1.3.3
> Reporter: Carlos Sanchez
> Assignee: Maria Catherine Tan
> Priority: Blocker
> Fix For: 1.3.4
>
>
> I got this in the continuum log, I've changed the parameters to hide the info, but where I say PASSWORDINCLEARTEXT it had my password there
> Actually it had a bad password with a typo (that's why I got unauthorized) but it was close enough to the real one
> 2009-07-24 16:03:54,137 [addMavenTwoProjectBackgroundThread] INFO org.apache.maven.continuum.project.builder.maven.MavenTwoContinuumProjectBuilder - Downloading https://myusername:*****@svn.company.com/repos/pom.xml
> 2009-07-24 16:03:55,392 [addMavenTwoProjectBackgroundThread] ERROR org.apache.maven.continuum.project.builder.maven.MavenTwoContinuumProjectBuilder - Error
> adding project: Unauthorized https://myusername:PASSWORDINCLEARTEXT@svn.company.com/repos/pom.xml
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira