directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject [directory-server] 08/09: Remove the credentials from the toString() method (security breach)
Date Wed, 06 Nov 2019 14:33:06 GMT
This is an automated email from the ASF dual-hosted git repository.

elecharny pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/directory-server.git

commit b459d853750e3b8ddd15b97811439e650cadf208
Author: emmanuel lecharny <emmanuel.lecharny@busit.com>
AuthorDate: Wed Nov 6 15:32:01 2019 +0100

    Remove the credentials from the toString() method (security breach)
---
 .../server/core/api/interceptor/context/BindOperationContext.java      | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/core-api/src/main/java/org/apache/directory/server/core/api/interceptor/context/BindOperationContext.java
b/core-api/src/main/java/org/apache/directory/server/core/api/interceptor/context/BindOperationContext.java
index 52eb221..918ae48 100644
--- a/core-api/src/main/java/org/apache/directory/server/core/api/interceptor/context/BindOperationContext.java
+++ b/core-api/src/main/java/org/apache/directory/server/core/api/interceptor/context/BindOperationContext.java
@@ -199,8 +199,7 @@ public class BindOperationContext extends AbstractOperationContext
     @Override
     public String toString()
     {
-        return "BindContext for Dn '" + getDn().getName() + "', credentials <"
-            + ( credentials != null ? Strings.dumpBytes( credentials ) : "" ) + ">"
+        return "BindContext for Dn '" + getDn().getName()
             + ( saslMechanism != null ? ", saslMechanism : <" + saslMechanism + ">"
: "" )
             + ( saslAuthId != null ? ", saslAuthId <" + saslAuthId + ">" : "" );
     }


Mime
View raw message