[
https://issues.apache.org/jira/browse/CAMEL-7067?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Gregor Zurowski updated CAMEL-7067:
-----------------------------------
Attachment: CAMEL-7067.patch
The attached patch contains a quick fix for the described problem and filters
out all Camel exchange properties before persisting properties in JCR. A
better, long-term solution would be to require a specific prefix for properties
that should be persisted, but it would break backward compatibility with
current implementations.
The patch also contains a new JUnit test "JcrProducerPropertiesTest" class to
support this request.
> JcrProducer should not store all exchange properties in the target JCR node
> ---------------------------------------------------------------------------
>
> Key: CAMEL-7067
> URL: https://issues.apache.org/jira/browse/CAMEL-7067
> Project: Camel
> Issue Type: Bug
> Components: camel-jcr
> Affects Versions: 2.12.2
> Reporter: Gregor Zurowski
> Attachments: CAMEL-7067.patch
>
>
> The CamelJcrInsert operation in JcrProducer stores all exchange properties in
> the target JCR node including all Camel properties that are found in the
> incoming exchange. This means that non-relevant data is persisted in JCR
> nodes including sensitive information such as username and password that is
> part of the URI in the CamelToEndpoint exchange property. Other examples of
> such properties include CamelJcrNodeName and CamelExternalRedelivered.
--
This message was sent by Atlassian JIRA
(v6.1.4#6159)
