Uploaded image for project: 'FUSE Message Broker'
  1. FUSE Message Broker
  2. MB-840

Stomp message frames are logged by default containing the username and password

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: 5.4.2-fuse-02-00
    • Fix Version/s: 5.5.0-fuse-00-00
    • Component/s: broker
    • Labels:
      None

      Description

      Hi,

      There's been a bit of work in this area as of late MB-824 and MB-833. All is good with these bugs, however, when a bad password is sent the activemq log prints the following warning messages:

      22011-03-18 09:38:30,634 [38.171.43:40701] WARN TransportConnection - Failed to add Connection ID:gridmsg006.cern.ch-38456-1300437460886-2:3, reason: java.lang.SecurityException: User name or password is invalid.
      2011-03-18 09:38:30,634 [38.171.43:40701] WARN ProtocolConverter - Exception occurred processing:
      CONNECT
      host:gridmsg006
      accept-version:1.0,1.1
      passcode:bar
      login:foo
       
      : java.lang.SecurityException: User name or password is invalid.
      2011-03-18 09:38:30,636 [38.171.43:40701] INFO Transport - Transport failed: java.io.IOException: User name or password is invalid.
       

      I was able to see this here starting a secure broker (same as MB-824) and using the STOMP example we ship with bum password.
      Is it possible to star that out or make it configurable if it is printed. I tinkered around with the settings for:

      log4j.logger.org.apache.activemq.transport.stomp=TRACE, stomp

      But even on INFO this gets printed.

      Thanks,

      Susan

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                garytully Gary Tully
                Reporter:
                sjavurek Susan Javurek
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: