Martyn Taylor created AMQ-5729:
----------------------------------
Summary: Audit log shows plaintext password for
QueueView.sendTextMessage
Key: AMQ-5729
URL: https://issues.apache.org/jira/browse/AMQ-5729
Project: ActiveMQ
Issue Type: Bug
Components: JMX
Affects Versions: 5.11.1
Reporter: Martyn Taylor
Each AuditLogEntry dumps all arguments for the method call to the Audit log.
Some of these arguments should not be logged as they may contain senstive
information. For example QueueView.sendTextMessage contains user password
information.
Example Log Entry:
anonymous called
org.apache.activemq.broker.jmx.QueueView.sendTextMessage[String, admin,
mypassword] at 04-03-2013 11:00:00
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
