Guillaume Nodet created CAMEL-23250:
---------------------------------------
Summary: Warn or prevent plain-text secrets in configuration
properties
Key: CAMEL-23250
URL: https://issues.apache.org/jira/browse/CAMEL-23250
Project: Camel
Issue Type: Improvement
Components: camel-core
Reporter: Guillaume Nodet
Currently, Camel has a well-established pipeline for detecting and masking
secret properties (via @Metadata(secret=true) and SensitiveUtils), but it only
masks values in logs and console output. There is no mechanism to warn users
when secrets are configured via plain-text properties instead of using secure
alternatives like RAW(), vault references ({{vault:...}}), or environment
variable placeholders (${env:...}).
This improvement should:
1. *Log a warning at startup* when a secret property is set via plain-text (not
RAW(), not {{vault:...}}, not ${env:...}). This could be added in
MainHelper.sensitiveAwareLogging() or BaseMainSupport auto-configuration.
2. *Add a camel.main.warnOnPlainTextSecrets flag* (default: true) to control
whether warnings are emitted, allowing users to suppress them in development
environments.
3. *Fix PropertiesDevConsole JSON output* which currently does not mask secret
values in JSON mode (only masks in text mode), potentially exposing secrets via
monitoring endpoints.
4. Consider adding a *strict mode* (e.g. camel.main.forbidPlainTextSecrets)
that would fail startup if plain-text secrets are detected, for production
hardening.
Related: there are currently 143+ secret keys detected by SensitiveUtils. The
detection infrastructure is solid - it just needs to be leveraged for
prevention, not just masking.
Key files:
- core/camel-main/src/main/java/org/apache/camel/main/MainHelper.java
(sensitiveAwareLogging)
- core/camel-util/src/main/java/org/apache/camel/util/SensitiveUtils.java
-
core/camel-console/src/main/java/org/apache/camel/impl/console/PropertiesDevConsole.java
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
