midsuit
/
core-jgi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Security issue - passwords must not be written in logs

This commit is contained in:
Carlos Ruiz 2016-09-03 18:29:39 +02:00
parent 916341f634
commit 779aace1cc
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
org.adempiere.base/src/org/compiere/model/MUser.java
View File

@ -173,7 +173,7 @@ public class MUser extends X_AD_User
{ {
if (name == null || name.length() == 0 || password == null || password.length() == 0) if (name == null || name.length() == 0 || password == null || password.length() == 0)
{ {
s_log.warning ("Invalid Name/Password = " + name + "/" + password); s_log.warning ("Invalid Name/Password = " + name);
return null; return null;
} }
boolean hash_password = MSysConfig.getBooleanValue(MSysConfig.USER_PASSWORD_HASH, false); boolean hash_password = MSysConfig.getBooleanValue(MSysConfig.USER_PASSWORD_HASH, false);