Password is visible in the log file
Bug #1185514 reported by
Lin Hua Cheng
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-keystoneclient |
New
|
Undecided
|
Unassigned |
Bug Description
Using Horizon, I turned on the DEBUG flag for python-
Output from the log file:
REQ : curl -i http://
REQ BODY: {"auth": {"identity": {"methods": ["password"], "password": {"user": {"domain": {"name": "Default"}, "name": "admin", "password": "123456"}}}}}
Keystone-client should mask or hide the password value.
To post a comment you must log in.
Since this is already documented behavior ( http:// docs.openstack. org/developer/ horizon/ topics/ deployment. html ), I'm marking the bug public. I couldn't quite tell whether it's best marked a duplicate of bug 1004114, or whether it merits separate treatment (a la bug 1104313 and bug 1172195).