On 22/03/2013 09:16, kkoli...@apache.org wrote: > Author: kkolinko > Date: Fri Mar 22 09:16:06 2013 > New Revision: 1459681 > > URL: http://svn.apache.org/r1459681 > Log: > Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54599 > jdbc-pool: Do not expose connection password via DataSource.toString(). > Based on a patch by Daniel Mikusa
I don't like the precedent this sets. JMX is an admin interface. Admins have access to passwords. There is a whole bunch of similar information exposed via JMX and I don't think we should start down the road of trying to hide it all. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
