search

GluuFederation / oxOrm

MIT License
1 stars 1 forks source link

fix(oxOrm): Plaintext passwords logged from BaseEntryManager.java. #37

Open mmrraju opened 2 months ago

mmrraju commented 2 months ago

Ticket-11878

User password prints on log at the time of SCIM persistence.

https://github.com/GluuFederation/oxOrm/blob/c2a742f512ff5fbaf75d9d46df0d71664f4dfeb6/core/src/main/java/org/gluu/persist/impl/BaseEntryManager.java#L1416

2024-07-26 15:52:59,313 DEBUG [qtp580871917-19] [org.gluu.persist.impl.BaseEntryManager] (BaseEntryManager.java:1416) - Property: typedCustomAttributes, LdapProperty: userPassword, PropertyValue: [12345]
2024-07-26 15:52:59,314 DEBUG [qtp580871917-19] [org.gluu.persist.impl.BaseEntryManager] (BaseEntryManager.java:130) - LDAP attributes for persist: [AttributeData [name=oxCreationTimestamp, values=[20240726155259.308Z], multiValued=false], AttributeData [name=oxTrustExternalId, values=[], multiValued=true], AttributeData [name=oxTrustMetaCreated, values=[2024-07-26T15:52:59.283Z], multiValued=false], AttributeData [name=oxTrustMetaLastModified, values=[2024-07-26T15:52:59.283Z], multiValued=false], AttributeData [name=uid, values=[bablu], multiValued=false], AttributeData [name=givenName, values=[bablu], multiValued=false], AttributeData [name=sn, values=[bablu], multiValued=false], AttributeData [name=middleName, values=[], multiValued=false], AttributeData [name=oxTrusthonorificPrefix, values=[], multiValued=true], AttributeData [name=oxTrusthonorificSuffix, values=[], multiValued=true], AttributeData [name=oxTrustNameFormatted, values=[bablu bablu], multiValued=false], AttributeData [name=displayName, values=[bablu], multiValued=false], AttributeData [name=nickname, values=[], multiValued=false], AttributeData [name=oxTrustProfileURL, values=[], multiValued=true], AttributeData [name=oxTrustTitle, values=[], multiValued=true], AttributeData [name=oxTrustUserType, values=[], multiValued=true], AttributeData [name=preferredLanguage, values=[], multiValued=false], AttributeData [name=locale, values=[], multiValued=false], AttributeData [name=zoneinfo, values=[], multiValued=false], AttributeData [name=oxTrustActive, values=[true], multiValued=false], AttributeData [name=gluuStatus, values=[active], multiValued=false], AttributeData [name=userPassword, values=[12345], multiValued=false], AttributeData [name=oxTrustEmail, values=[{"value":"test1.test2+username@cevalogistics.com","display":null,"type":"work","primary":true}, {"value":"email2@cevalogistics.com","display":null,"type":"work","primary":false}], multiValued=true], AttributeData [name=mail, values=[test1.test2+username@cevalogistics.com, email2@cevalogistics.com], multiValued=false], AttributeData [name=oxTrustPhoneValue, values=[], multiValued=true], AttributeData [name=oxTrustImsValue, values=[], multiValued=true], AttributeData [name=oxTrustPhotos, values=[], multiValued=true], AttributeData [name=oxTrustAddresses, values=[], multiValued=true], AttributeData [name=oxTrustEntitlements, values=[], multiValued=true], AttributeData [name=oxTrustRole, values=[], multiValued=true], AttributeData [name=oxTrustx509Certificate, values=[], multiValued=true], AttributeData [name=inum, values=[47aa6ecd-c1d6-4a8b-b05c-d0fc1d9bc74f], multiValued=false], AttributeData [name=cn, values=[bablu bablu], multiValued=false], AttributeData [name=oxTrustMetaLocation, values=[https://mmrraju-fresh-bulldog.gluu.info/identity/restv1/scim/v2/Users/47aa6ecd-c1d6-4a8b-b05c-d0fc1d9bc74f], multiValued=false], AttributeData [name=objectClass, values=[top, gluuPerson, gluuCustomPerson], multiValued=true]]
yurem commented 2 months ago

https://github.com/GluuFederation/oxOrm/commit/eb111cd6279181d4b32849f5d3cdf2c920fb62a1

yurem commented 2 months ago

Implemented

mmrraju commented 1 month ago

@yurem , which version will have this fix?