Bug 48305

Summary: mod_jk - JK Status Manager page Dump shows my secret
Product: Tomcat Connectors Reporter: Fred K <fredk2>
Component: mod_jkAssignee: Tomcat Developers Mailing List <dev>
Severity: regression    
Priority: P2    
Version: 1.2.28   
Target Milestone: ---   
Hardware: All   
OS: All   

Description Fred K 2009-11-30 13:41:15 UTC

I setup the JK Status for mod_jk 1.2.28 and the "Dump" link shows all the properties and *disturbingly* :) also

We spoke about this once before when the link "Property" showed all the properties and "secret". This was fixed maybe circa 1.2.25 .  I would kindly suggest that the same exclusion be applied to Dump....or introduce another property:

Many Thanks - Fred
Comment 1 Mladen Turk 2009-12-21 04:40:08 UTC
Fixed in the SVN. Any property ending with .secret will not be shown in dump
Comment 2 Rainer Jung 2010-02-23 02:55:27 UTC
Will be part of 1.2.29.