activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mtaylor <...@git.apache.org>
Subject [GitHub] activemq pull request: Do not log passwords on MBean method calls.
Date Wed, 15 Apr 2015 09:08:48 GMT
GitHub user mtaylor opened a pull request:

    https://github.com/apache/activemq/pull/88

    Do not log passwords on MBean method calls.

    Previous to this patch the AnnotatedMBean class would simply dump
    any arguments passed in via JMX call to the log (when audit is enabled).
    Method parameters can sometimes contain sensitive information such as
    the password field on QueueView.sendTextMessage.
    
    This patch adds a @Sensitive annotation to the JMX module allowing
    implementations MBean interfaces to mark method parameters as sensitive
    preventing values from being logged.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/mtaylor/activemq doNotLogPasswordsWithAudit

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/activemq/pull/88.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #88
    
----
commit af52760531d025bbf02769fc8b10ed50ee64f1fe
Author: Martyn Taylor <mtaylor@redhat.com>
Date:   2015-04-14T16:26:49Z

    Do not log passwords on MBean method calls.
    
    Previous to this patch the AnnotatedMBean class would simply dump
    any arguments passed in via JMX call to the log (when audit is enabled).
    Method parameters can sometimes contain sensitive information such as
    the password field on QueueView.sendTextMessage.
    
    This patch adds a @Sensitive annotation to the JMX module allowing
    implementations MBean interfaces to mark method parameters as sensitive
    preventing values from being logged.

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message