Plain text password logging in server.log when org.apache.coyote.http11 is set to DEBUG
Issue
We see passwords logged in plain text in server.log:
08:08:09,249 DEBUG [org.apache.coyote.http11] ... JBWEB003028: Start processing with input [j_username=USER&j_password=secret]
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 6.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
