GeoServer: GEOS-3044

Database connection parameters including password shown if dbtype wrong/unsupported

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.0.x
    • Component/s: WFS
    • Labels: None
    • Number of attachments: 0

      Description

      If no SPI data access factory can be found, the connection parameters, including password, are included in the WFS ows:ExceptionReport. This gives an end user access to confidential information.

      <?xml version="1.0" encoding="UTF-8"?>
      <ows:ExceptionReport version="1.0.0"
        xsi:schemaLocation="http://www.opengis.net/ows http://localhost:8080/geoserver/schemas/ows/1.0.0/owsExceptionReport.xsd"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ows="http://www.opengis.net/ows">
        <ows:Exception exceptionCode="NoApplicableCode">
          <ows:ExceptionText>Error occurred getting features
            Cannot find a DataAccess for parameters {user=test,
            passwd=s3cr3t, host=name.changed.to.protect.the.innocent, port=1521,
            database=test, dbtype=Ooracle}</ows:ExceptionText>
        </ows:Exception>
      </ows:ExceptionReport>
      

        Activity

        Ben Caradoc-Davies added a comment -

        Andrea wrote:
        > giving back reports is not especially amusing...

        I do admit to being easily amused.

        Ben Caradoc-Davies added a comment -

        Fixed in GeoTools in r34399 on trunk and r34400 on 2.6.x branch.

        Ben Caradoc-Davies added a comment -

        The fix was to hardcode a list of safe parameters to report. Ugly, but combines reasonable reporting with reasonable security. Gabriel's suggestion was elegant, but if dbtype is wrong, the user gets nothing at all.

        Ben Caradoc-Davies added a comment -

        I also added logging of the full bad parameters.
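
The approach described in the two comments above (report only a hardcoded list of safe parameters to the client, log the full parameters on the server), as an added example that is not the GeoTools code from r34399/r34400. The class name, method names and the contents of SAFE_KEYS are assumptions; the page does not list which parameters the real fix treats as safe.

```java
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import java.util.logging.Level;
import java.util.logging.Logger;

public class SafeParamReport {
    private static final Logger LOGGER = Logger.getLogger(SafeParamReport.class.getName());

    // Assumed allow-list; the list hardcoded by the actual fix is not shown on this page.
    static final List<String> SAFE_KEYS = List.of("dbtype", "host", "port", "database");

    /** Client-facing text: only allow-listed keys are echoed, everything else is dropped. */
    static String clientMessage(Map<String, ?> params) {
        Map<String, Object> safe = new TreeMap<>();
        for (String key : SAFE_KEYS) {
            if (params.containsKey(key)) {
                safe.put(key, params.get(key));
            }
        }
        int withheld = params.size() - safe.size();
        return "Cannot find a DataAccess for parameters " + safe
                + " (" + withheld + " other parameter(s) withheld)";
    }

    /** Server-side record of the full parameters, as the comments describe. */
    static void logFull(Map<String, ?> params) {
        // This line contains the password: the log file needs the same
        // access restrictions as the datastore configuration itself.
        LOGGER.log(Level.WARNING, "No DataAccess factory matched parameters {0}", params);
    }

    public static void main(String[] args) {
        // Constructed sample mirroring the parameters in the report above.
        Map<String, Object> params = new LinkedHashMap<>();
        params.put("user", "test");
        params.put("passwd", "s3cr3t");
        params.put("host", "name.changed.to.protect.the.innocent");
        params.put("port", 1521);
        params.put("database", "test");
        params.put("dbtype", "Ooracle");

        logFull(params);                            // full detail stays on the server
        System.out.println(clientMessage(params));  // what ows:ExceptionText would carry
    }
}
```

Because the filter is an allow-list, a parameter added later by a new datastore type is withheld from the client by default, and the mistyped dbtype is still reported.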

        Andrea Aime added a comment -

        Mass closing all issues that have been in "resolved" state for 2 months or more without any feedback or update


          People

          • Assignee: Ben Caradoc-Davies
          • Reporter: Ben Caradoc-Davies
          • Votes: 0
          • Watchers: 1
