camel-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Willem Jiang (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (CAMEL-7587) MessageHistory stores passwords in plain text
Date Thu, 10 Jul 2014 03:25:09 GMT

     [ https://issues.apache.org/jira/browse/CAMEL-7587?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Willem Jiang reassigned CAMEL-7587:
-----------------------------------

    Assignee: Willem Jiang

> MessageHistory stores passwords in plain text
> ---------------------------------------------
>
>                 Key: CAMEL-7587
>                 URL: https://issues.apache.org/jira/browse/CAMEL-7587
>             Project: Camel
>          Issue Type: Bug
>          Components: camel-core
>    Affects Versions: 2.13.2
>            Reporter: Marco Zapletal
>            Assignee: Willem Jiang
>            Priority: Minor
>
> The MessageHistory feature currently keeps passwords in plain text in case they are part
of the URI. 
> MessageHelper.doDumpMessageHistoryStacktrace() does some sanitizing, but only for the
from node - other nodes/processors are currently not sanitized. 
> In order to prevent handling sensitive information in the message history in general,
I would suggest to sanitize the URI already when storing a MessageHistory item. 



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message