Use Moqui Framework to build enterprise applications based on Java. It includes tools for databases (relational, graph, document), local and web services, web and other UI with screens and forms, security, file/resource access, scripts, templates, l10n, caching, logging, search, rules, workflow, multi-instance, and integration.
While integrating keycloak into moqui, several parameters needed to be added to the component, set via environment variables. Those names were of the form "MOQUIKEYCLOAK". The existing code looks at the property name, and for anything that matches "KEY*" considers it a secret, and doesn't print it's value.
While the attached patch does not fix that particular issue, it does make the secret-value handling more explicit, via a boolean that can be set in MoquiConf.xml. My recommendation is to have this patch accepted, then start to deprecate the existing property name pattern matching, in preference for is-secret="true".
While integrating keycloak into moqui, several parameters needed to be added to the component, set via environment variables. Those names were of the form "MOQUIKEYCLOAK". The existing code looks at the property name, and for anything that matches "KEY*" considers it a secret, and doesn't print it's value.
While the attached patch does not fix that particular issue, it does make the secret-value handling more explicit, via a boolean that can be set in MoquiConf.xml. My recommendation is to have this patch accepted, then start to deprecate the existing property name pattern matching, in preference for is-secret="true".