https://bz.apache.org/bugzilla/show_bug.cgi?id=60178
Bug ID: 60178
Summary: password is logged in clear text
Product: Tomcat 7
Version: 7.0.69
Hardware: PC
OS: Windows NT
Status: NEW
Severity: critical
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: markus.tolksd...@sap.com
Hi,
there is a trace entry that is logging the password in clear text. This should
not be done. If the user is DonaldDuck and the password is ILoveDa1sy the entry
looks like this with our custom formatter:
2016-06-01
14:57:28,329#DEBUG#org.apache.tomcat.util.http.Parameters#http-bio-443-exec-11#
#Start processing with input
[j_username=DonaldDuck&j_password=ILoveDa1sy]|
Could you please fix this? Thanks!
Best regards,
Markus
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
