diff options
| author | James Moger <james.moger@gitblit.com> | 2013-09-27 08:02:33 -0400 |
|---|---|---|
| committer | James Moger <james.moger@gitblit.com> | 2013-09-27 08:02:33 -0400 |
| commit | 7535ebacc69a7b39993992c62cfc3456cdbe1d45 (patch) | |
| tree | 5654f7d02221ba9a919ca8d75c450e745930d8d4 /src | |
| parent | 3517a7a6d44673e7944808ce464bcf1b037cd471 (diff) | |
| download | gitblit-7535ebacc69a7b39993992c62cfc3456cdbe1d45.tar.gz gitblit-7535ebacc69a7b39993992c62cfc3456cdbe1d45.zip | |
Do not log passwords on failed authentication attempts (issue-316)
Diffstat (limited to 'src')
| -rw-r--r-- | src/main/java/com/gitblit/GitBlit.java | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/main/java/com/gitblit/GitBlit.java b/src/main/java/com/gitblit/GitBlit.java index 2cebe82b..c31a0e97 100644 --- a/src/main/java/com/gitblit/GitBlit.java +++ b/src/main/java/com/gitblit/GitBlit.java @@ -947,8 +947,8 @@ public class GitBlit implements ServletContextListener { user.username, httpRequest.getRemoteAddr())); return user; } else { - logger.warn(MessageFormat.format("Failed login attempt for {0}, invalid credentials ({1}) from {2}", - username, credentials, httpRequest.getRemoteAddr())); + logger.warn(MessageFormat.format("Failed login attempt for {0}, invalid credentials from {1}", + username, httpRequest.getRemoteAddr())); } } } |