Hi

There is a related ticket
https://issues.apache.org/activemq/browse/CAMEL-2987

Which can help here as it allows the use of encrypted passwords.
Then the logging will just be that encrypted password which isn't readable.

password=#ENC#4fg48dgh58747f744#ENC#

And I wonder if there is any stuff from the regular JDK we can use as
a first shot, so end users don't need to mess with additional .jars in
the classpath.

The downside is the end user has to compute the token, which requires
using a Java app for that.



On Wed, Sep 1, 2010 at 10:55 PM, Hadrian Zbarcea <hzbar...@gmail.com> wrote:
> We are happy to apply patches, thanks for the contribution. The proper way 
> though is to create an issue in jira and attach the patch to it. Please check 
> the "grant license to apache" when you attach the patch, otherwise we will 
> not be able to apply.
>
> Coincidentally I was thinking about the very same issue today and I fear it 
> affects other components. My thought though was to annotate the secret fields 
> with something like @Secret. How about that?
>
> Thanks,
> Hadrian
>
>
>
> On Sep 1, 2010, at 4:21 PM, Lorrin Nelson wrote:
>
>> Hi --
>>
>> I'm fairly new to Camel, but my impression is that URIs with sensitive data 
>> are common and that URIs are frequently logged. I bumped into this myself 
>> most recently with an FTP consumer. I ended up with log messages like this:
>>
>> RemoteFileProducer 2010-08-31 16:21:45,459 -- INFO -- Connected and logged 
>> in to: 
>> Endpoint[sftp://myusern...@my.host.name/var/my/path?fileName=myFile.txt&password=yikesMyPassword]
>>
>> I propose a sane-defaults patch of modifying DefaultEndpoint.java's toString 
>> to sanitize the URI by looking for URI params containing the tokens 
>> "password" or "passphrase" and rendering their value as "*******" instead of 
>> the actual value. Obviously this isn't always the right thing to do in every 
>> situation, but it seems appropriate for many endpoints. Any for which it is 
>> not appropriate could override toString.
>>
>> If folks like this idea I have a patch I'm happy to submit.
>>
>> http://github.com/lorrin/camel/commit/a8719ccde91c438f95ed173be1e2405d96b8b13d
>>
>> Cheers
>> -Lorrin
>
>



-- 
Claus Ibsen
Apache Camel Committer

Author of Camel in Action: http://www.manning.com/ibsen/
Open Source Integration: http://fusesource.com
Blog: http://davsclaus.blogspot.com/
Twitter: http://twitter.com/davsclaus
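
The masking proposed in the quoted message, sketched as an added example (not the code from the linked commit and not Camel's own implementation). The class name `UriSanitizer` and the sample URIs are assumptions constructed for illustration.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Hypothetical helper: masks the value of any URI query parameter whose
// name contains "password" or "passphrase" before the URI is logged.
public class UriSanitizer {

    // Group 1: the delimiter ('?' or '&'), the parameter name and the '='.
    // Group 2: the value, up to the next '&' or the end of the string.
    // The name may not contain '=' or '&', so a secret-looking word inside
    // another parameter's value does not trigger a match.
    private static final Pattern SECRET_PARAM = Pattern.compile(
            "([?&][^=&]*(?:password|passphrase)[^=&]*=)([^&]*)",
            Pattern.CASE_INSENSITIVE);

    private static final String MASK = "*******";

    public static String sanitize(String uri) {
        if (uri == null) {
            return null;
        }
        // Keep the parameter name, replace only the value with the mask.
        return SECRET_PARAM.matcher(uri)
                .replaceAll("$1" + Matcher.quoteReplacement(MASK));
    }

    public static void main(String[] args) {
        // Constructed sample URIs, not taken from a real system.
        String[] samples = {
            "sftp://user@host.example/var/my/path?fileName=myFile.txt&password=constructedSecret",
            "sftp://user@host.example/path?privateKeyFilePassphrase=constructed&delay=5000",
            "ftp://user@host.example/path?Password=constructed&note=password",
            "file:///var/my/path?fileName=myFile.txt"
        };
        for (String uri : samples) {
            // What an endpoint's toString() would log after sanitizing.
            System.out.println("Endpoint[" + sanitize(uri) + "]");
        }
        // Limitation: a secret containing an unencoded '&' is only masked
        // up to that '&', so the remainder would still reach the log.
    }
}
```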
