[ https://issues.apache.org/jira/browse/DBCP-562?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Frank Gasdorf updated DBCP-562: ------------------------------- Labels: security (was: ) > Password should not be exposed via JMXBean > ------------------------------------------ > > Key: DBCP-562 > URL: https://issues.apache.org/jira/browse/DBCP-562 > Project: Commons DBCP > Issue Type: Bug > Affects Versions: 2.5.0, 2.7.0 > Reporter: Frank Gasdorf > Priority: Critical > Labels: security > > if a BasicDataSource is created with jmxName set, password property is > exposed/exported via jmx and is visible for everybody who is connected to jmx > port. > > Expectation : Do not export it via BasicDataSourceMXBean Interface -- This message was sent by Atlassian Jira (v8.3.4#803005)