[
https://issues.apache.org/jira/browse/CAMEL-19676?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marco Bungart updated CAMEL-19676:
----------------------------------
Description:
When camel cannot create a route, a {{FailedToCreateRouteException}} is thrown.
This exception shows all query parameters in clear text, including sensitive
information, like password. It would be beneficial to also mask sensitive
information in this exception.
interestingly enough, inner exceptions still mask the password.
*Note:*
The issue was originally observed on {{camel-sftp}}, but I suspect that this is
a broader issue. I specified {{camel-log}} as component since it seems to be
the closest fit. Please feel free to change this as need be.
—
A sample project showing the behaviour can be found on
[{{github.com}}|https://github.com/turing85/camel-sftp].
To see the behaviour:
* Clone the project
{code:java}
git clone https://github.com/turing85/camel-sftp.git
cd camel-sftp {code}
* Start the sftp server:
{code:java}
docker-compose --file local-deployment/docker-compose.yml up --detach {code}
* build the application
{code:java}
./mvnw clean package {code}
* start the jar
{code:java}
java -jar target/camel-sftp-1.0-SNAPSHOT-executable-jar.jar {code}
* observe the stack trace, containing the password:
{code:java}
Exception in thread "main" org.apache.camel.FailedToCreateRouteException:
Failed to create route writer at: >>>
To[sftp://localhost:10022?password=wrong%26foo&username=foo] <<< in route:
Route(writer)[From[timer://write-timer?fixedRate=true&period... because of
Failed to resolve endpoint:
sftp://localhost:10022?password=xxxxxx&username=xxxxxx due to: Failed to
resolve endpoint: sftp://localhost:10022?password=xxxxxx&username=xxxxxx due
to: There are 1 parameters that couldn't be set on the endpoint. Check the uri
if the parameters are spelt correctly and that they are properties of the
endpoint. Unknown parameters=[{foo=}]
at
org.apache.camel.reifier.RouteReifier.doCreateRoute(RouteReifier.java:215)
at org.apache.camel.reifier.RouteReifier.createRoute(RouteReifier.java:75)
at
org.apache.camel.impl.DefaultModelReifierFactory.createRoute(DefaultModelReifierFactory.java:49)
at
org.apache.camel.impl.DefaultCamelContext.startRouteDefinitions(DefaultCamelContext.java:937)
at
org.apache.camel.impl.DefaultCamelContext.startRouteDefinitions(DefaultCamelContext.java:800)
at
org.apache.camel.impl.engine.AbstractCamelContext.doInit(AbstractCamelContext.java:3028)
at org.apache.camel.support.service.BaseService.init(BaseService.java:83)
at
org.apache.camel.impl.engine.AbstractCamelContext.init(AbstractCamelContext.java:2699)
at org.apache.camel.support.service.BaseService.start(BaseService.java:111)
at
org.apache.camel.impl.engine.AbstractCamelContext.start(AbstractCamelContext.java:2718)
at
org.apache.camel.impl.DefaultCamelContext.start(DefaultCamelContext.java:262)
at org.apache.camel.main.Main.doStart(Main.java:142)
at org.apache.camel.support.service.BaseService.start(BaseService.java:119)
at org.apache.camel.main.MainSupport.run(MainSupport.java:89)
at de.turing85.camel.sftp.CamelSftp.main(CamelSftp.java:15)
Caused by: org.apache.camel.ResolveEndpointFailedException: Failed to resolve
endpoint: sftp://localhost:10022?password=xxxxxx&username=xxxxxx due to: Failed
to resolve endpoint: sftp://localhost:10022?password=xxxxxx&username=xxxxxx due
to: There are 1 parameters that couldn't be set on the endpoint. Check the uri
if the parameters are spelt correctly and that they are properties of the
endpoint. Unknown parameters=[{foo=}]
at
org.apache.camel.impl.engine.AbstractCamelContext.doGetEndpoint(AbstractCamelContext.java:1020)
at
org.apache.camel.impl.engine.AbstractCamelContext.getEndpoint(AbstractCamelContext.java:931)
at
org.apache.camel.builder.endpoint.AbstractEndpointBuilder.resolve(AbstractEndpointBuilder.java:68)
at org.apache.camel.reifier.SendReifier.resolveEndpoint(SendReifier.java:47)
at org.apache.camel.reifier.SendReifier.createProcessor(SendReifier.java:37)
at
org.apache.camel.reifier.ProcessorReifier.makeProcessor(ProcessorReifier.java:857)
at
org.apache.camel.reifier.ProcessorReifier.addRoutes(ProcessorReifier.java:598)
at
org.apache.camel.reifier.RouteReifier.doCreateRoute(RouteReifier.java:211)
... 14 more
Caused by: org.apache.camel.ResolveEndpointFailedException: Failed to resolve
endpoint: sftp://localhost:10022?password=xxxxxx&username=xxxxxx due to: There
are 1 parameters that couldn't be set on the endpoint. Check the uri if the
parameters are spelt correctly and that they are properties of the endpoint.
Unknown parameters=[{foo=}]
at
org.apache.camel.support.DefaultComponent.validateParameters(DefaultComponent.java:300)
at
org.apache.camel.support.DefaultComponent.createEndpoint(DefaultComponent.java:192)
at
org.apache.camel.impl.engine.AbstractCamelContext.doGetEndpoint(AbstractCamelContext.java:986)
... 21 more {code}
—
Story:
*As* a developer
*When* I misconfigure my route so that it does not start
*Then* I want that all sensitive information are masked in the entire stack
trace.
—
FTR: [relevant
zulip-chat|https://camel.zulipchat.com/#narrow/stream/257298-camel/topic/Java.20DSL.20and.20.60RAW.28.2E.2E.2E.29.60.20parameters/near/379420624]
was:
When camel cannot create a route, a {{FailedToCreateRouteException}} is thrown.
This exception shows all query parameters in clear text, including sensitive
information, like password. It would be beneficial to also mask sensitive
information in this exception.
interestingly enough, inner exceptions still mask the password.
---
A sample project showing the behaviour can be found on
[{{github.com}}|https://github.com/turing85/camel-sftp].
To see the behaviour:
* Clone the project
{code:java}
git clone https://github.com/turing85/camel-sftp.git
cd camel-sftp {code}
* Start the sftp server:
{code:java}
docker-compose --file local-deployment/docker-compose.yml up --detach {code}
* build the application
{code:java}
./mvnw clean package {code}
* start the jar
{code:java}
java -jar target/camel-sftp-1.0-SNAPSHOT-executable-jar.jar {code}
* observe the stack trace, containing the password:
{code:java}
Exception in thread "main" org.apache.camel.FailedToCreateRouteException:
Failed to create route writer at: >>>
To[sftp://localhost:10022?password=wrong%26foo&username=foo] <<< in route:
Route(writer)[From[timer://write-timer?fixedRate=true&period... because of
Failed to resolve endpoint:
sftp://localhost:10022?password=xxxxxx&username=xxxxxx due to: Failed to
resolve endpoint: sftp://localhost:10022?password=xxxxxx&username=xxxxxx due
to: There are 1 parameters that couldn't be set on the endpoint. Check the uri
if the parameters are spelt correctly and that they are properties of the
endpoint. Unknown parameters=[{foo=}]
at
org.apache.camel.reifier.RouteReifier.doCreateRoute(RouteReifier.java:215)
at org.apache.camel.reifier.RouteReifier.createRoute(RouteReifier.java:75)
at
org.apache.camel.impl.DefaultModelReifierFactory.createRoute(DefaultModelReifierFactory.java:49)
at
org.apache.camel.impl.DefaultCamelContext.startRouteDefinitions(DefaultCamelContext.java:937)
at
org.apache.camel.impl.DefaultCamelContext.startRouteDefinitions(DefaultCamelContext.java:800)
at
org.apache.camel.impl.engine.AbstractCamelContext.doInit(AbstractCamelContext.java:3028)
at org.apache.camel.support.service.BaseService.init(BaseService.java:83)
at
org.apache.camel.impl.engine.AbstractCamelContext.init(AbstractCamelContext.java:2699)
at org.apache.camel.support.service.BaseService.start(BaseService.java:111)
at
org.apache.camel.impl.engine.AbstractCamelContext.start(AbstractCamelContext.java:2718)
at
org.apache.camel.impl.DefaultCamelContext.start(DefaultCamelContext.java:262)
at org.apache.camel.main.Main.doStart(Main.java:142)
at org.apache.camel.support.service.BaseService.start(BaseService.java:119)
at org.apache.camel.main.MainSupport.run(MainSupport.java:89)
at de.turing85.camel.sftp.CamelSftp.main(CamelSftp.java:15)
Caused by: org.apache.camel.ResolveEndpointFailedException: Failed to resolve
endpoint: sftp://localhost:10022?password=xxxxxx&username=xxxxxx due to: Failed
to resolve endpoint: sftp://localhost:10022?password=xxxxxx&username=xxxxxx due
to: There are 1 parameters that couldn't be set on the endpoint. Check the uri
if the parameters are spelt correctly and that they are properties of the
endpoint. Unknown parameters=[{foo=}]
at
org.apache.camel.impl.engine.AbstractCamelContext.doGetEndpoint(AbstractCamelContext.java:1020)
at
org.apache.camel.impl.engine.AbstractCamelContext.getEndpoint(AbstractCamelContext.java:931)
at
org.apache.camel.builder.endpoint.AbstractEndpointBuilder.resolve(AbstractEndpointBuilder.java:68)
at org.apache.camel.reifier.SendReifier.resolveEndpoint(SendReifier.java:47)
at org.apache.camel.reifier.SendReifier.createProcessor(SendReifier.java:37)
at
org.apache.camel.reifier.ProcessorReifier.makeProcessor(ProcessorReifier.java:857)
at
org.apache.camel.reifier.ProcessorReifier.addRoutes(ProcessorReifier.java:598)
at
org.apache.camel.reifier.RouteReifier.doCreateRoute(RouteReifier.java:211)
... 14 more
Caused by: org.apache.camel.ResolveEndpointFailedException: Failed to resolve
endpoint: sftp://localhost:10022?password=xxxxxx&username=xxxxxx due to: There
are 1 parameters that couldn't be set on the endpoint. Check the uri if the
parameters are spelt correctly and that they are properties of the endpoint.
Unknown parameters=[{foo=}]
at
org.apache.camel.support.DefaultComponent.validateParameters(DefaultComponent.java:300)
at
org.apache.camel.support.DefaultComponent.createEndpoint(DefaultComponent.java:192)
at
org.apache.camel.impl.engine.AbstractCamelContext.doGetEndpoint(AbstractCamelContext.java:986)
... 21 more {code}
---
Story:
*As* a developer
*When* I misconfigure my route so that it does not start
*Then* I want that all sensitive information are masked in the entire stack
trace.
---
FTR: [relevant
zulip-chat|https://camel.zulipchat.com/#narrow/stream/257298-camel/topic/Java.20DSL.20and.20.60RAW.28.2E.2E.2E.29.60.20parameters/near/379420624]
> Do not log sensitive query parameters when route cannot be created
> ------------------------------------------------------------------
>
> Key: CAMEL-19676
> URL: https://issues.apache.org/jira/browse/CAMEL-19676
> Project: Camel
> Issue Type: New Feature
> Components: camel-log
> Affects Versions: 3.13.0, 3.21.0
> Reporter: Marco Bungart
> Priority: Minor
>
> When camel cannot create a route, a {{FailedToCreateRouteException}} is
> thrown. This exception shows all query parameters in clear text, including
> sensitive information, like password. It would be beneficial to also mask
> sensitive information in this exception.
> interestingly enough, inner exceptions still mask the password.
> *Note:*
> The issue was originally observed on {{camel-sftp}}, but I suspect that this
> is a broader issue. I specified {{camel-log}} as component since it seems to
> be the closest fit. Please feel free to change this as need be.
> —
> A sample project showing the behaviour can be found on
> [{{github.com}}|https://github.com/turing85/camel-sftp].
> To see the behaviour:
> * Clone the project
> {code:java}
> git clone https://github.com/turing85/camel-sftp.git
> cd camel-sftp {code}
> * Start the sftp server:
> {code:java}
> docker-compose --file local-deployment/docker-compose.yml up --detach {code}
> * build the application
> {code:java}
> ./mvnw clean package {code}
> * start the jar
> {code:java}
> java -jar target/camel-sftp-1.0-SNAPSHOT-executable-jar.jar {code}
> * observe the stack trace, containing the password:
> {code:java}
> Exception in thread "main" org.apache.camel.FailedToCreateRouteException:
> Failed to create route writer at: >>>
> To[sftp://localhost:10022?password=wrong%26foo&username=foo] <<< in route:
> Route(writer)[From[timer://write-timer?fixedRate=true&period... because of
> Failed to resolve endpoint:
> sftp://localhost:10022?password=xxxxxx&username=xxxxxx due to: Failed to
> resolve endpoint: sftp://localhost:10022?password=xxxxxx&username=xxxxxx due
> to: There are 1 parameters that couldn't be set on the endpoint. Check the
> uri if the parameters are spelt correctly and that they are properties of the
> endpoint. Unknown parameters=[{foo=}]
> at
> org.apache.camel.reifier.RouteReifier.doCreateRoute(RouteReifier.java:215)
> at org.apache.camel.reifier.RouteReifier.createRoute(RouteReifier.java:75)
> at
> org.apache.camel.impl.DefaultModelReifierFactory.createRoute(DefaultModelReifierFactory.java:49)
> at
> org.apache.camel.impl.DefaultCamelContext.startRouteDefinitions(DefaultCamelContext.java:937)
> at
> org.apache.camel.impl.DefaultCamelContext.startRouteDefinitions(DefaultCamelContext.java:800)
> at
> org.apache.camel.impl.engine.AbstractCamelContext.doInit(AbstractCamelContext.java:3028)
> at org.apache.camel.support.service.BaseService.init(BaseService.java:83)
> at
> org.apache.camel.impl.engine.AbstractCamelContext.init(AbstractCamelContext.java:2699)
> at
> org.apache.camel.support.service.BaseService.start(BaseService.java:111)
> at
> org.apache.camel.impl.engine.AbstractCamelContext.start(AbstractCamelContext.java:2718)
> at
> org.apache.camel.impl.DefaultCamelContext.start(DefaultCamelContext.java:262)
> at org.apache.camel.main.Main.doStart(Main.java:142)
> at
> org.apache.camel.support.service.BaseService.start(BaseService.java:119)
> at org.apache.camel.main.MainSupport.run(MainSupport.java:89)
> at de.turing85.camel.sftp.CamelSftp.main(CamelSftp.java:15)
> Caused by: org.apache.camel.ResolveEndpointFailedException: Failed to resolve
> endpoint: sftp://localhost:10022?password=xxxxxx&username=xxxxxx due to:
> Failed to resolve endpoint:
> sftp://localhost:10022?password=xxxxxx&username=xxxxxx due to: There are 1
> parameters that couldn't be set on the endpoint. Check the uri if the
> parameters are spelt correctly and that they are properties of the endpoint.
> Unknown parameters=[{foo=}]
> at
> org.apache.camel.impl.engine.AbstractCamelContext.doGetEndpoint(AbstractCamelContext.java:1020)
> at
> org.apache.camel.impl.engine.AbstractCamelContext.getEndpoint(AbstractCamelContext.java:931)
> at
> org.apache.camel.builder.endpoint.AbstractEndpointBuilder.resolve(AbstractEndpointBuilder.java:68)
> at
> org.apache.camel.reifier.SendReifier.resolveEndpoint(SendReifier.java:47)
> at
> org.apache.camel.reifier.SendReifier.createProcessor(SendReifier.java:37)
> at
> org.apache.camel.reifier.ProcessorReifier.makeProcessor(ProcessorReifier.java:857)
> at
> org.apache.camel.reifier.ProcessorReifier.addRoutes(ProcessorReifier.java:598)
> at
> org.apache.camel.reifier.RouteReifier.doCreateRoute(RouteReifier.java:211)
> ... 14 more
> Caused by: org.apache.camel.ResolveEndpointFailedException: Failed to resolve
> endpoint: sftp://localhost:10022?password=xxxxxx&username=xxxxxx due to:
> There are 1 parameters that couldn't be set on the endpoint. Check the uri if
> the parameters are spelt correctly and that they are properties of the
> endpoint. Unknown parameters=[{foo=}]
> at
> org.apache.camel.support.DefaultComponent.validateParameters(DefaultComponent.java:300)
> at
> org.apache.camel.support.DefaultComponent.createEndpoint(DefaultComponent.java:192)
> at
> org.apache.camel.impl.engine.AbstractCamelContext.doGetEndpoint(AbstractCamelContext.java:986)
> ... 21 more {code}
> —
> Story:
> *As* a developer
> *When* I misconfigure my route so that it does not start
> *Then* I want that all sensitive information are masked in the entire stack
> trace.
> —
> FTR: [relevant
> zulip-chat|https://camel.zulipchat.com/#narrow/stream/257298-camel/topic/Java.20DSL.20and.20.60RAW.28.2E.2E.2E.29.60.20parameters/near/379420624]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
