2013/3/22 Mark Thomas <ma...@apache.org>: > On 22/03/2013 09:16, kkoli...@apache.org wrote: >> Author: kkolinko >> Date: Fri Mar 22 09:16:06 2013 >> New Revision: 1459681 >> >> URL: http://svn.apache.org/r1459681 >> Log: >> Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=54599 >> jdbc-pool: Do not expose connection password via DataSource.toString(). >> Based on a patch by Daniel Mikusa > > I don't like the precedent this sets. > > JMX is an admin interface. Admins have access to passwords. There is a > whole bunch of similar information exposed via JMX and I don't think we > should start down the road of trying to hide it all. >
This is about toString() method. JMX is a different issue with its own bug report which, I agree, has to be closed as WONTFIX. Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
