Password is logged in api server logs while creating a storage pool and while

adding an image store of type SMB. Cleaning the message before logging.
2014-08-19 14:03:12 +05:30 · 2014-08-19 14:03:12 +05:30 · 283666b038
parent 9f38fd6c9f
commit 283666b038
1 changed files with 1 additions and 1 deletions
--- a/server/src/com/cloud/api/ApiServlet.java
+++ b/server/src/com/cloud/api/ApiServlet.java
@ -208,7 +208,7 @@ public class ApiServlet extends HttpServlet {
                }
            }

-            auditTrailSb.append(req.getQueryString());
+            auditTrailSb.append(StringUtils.cleanString(req.getQueryString()));
            final boolean isNew = ((session == null) ? true : session.isNew());

            // Initialize an empty context and we will update it after we have verified the request below,