Skip to content

Mask password in URI properties if present #8293

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
shakuzen opened this issue Feb 15, 2017 · 4 comments
Closed

Mask password in URI properties if present #8293

shakuzen opened this issue Feb 15, 2017 · 4 comments
Assignees
@spring-contributor
Labels
status: superseded An issue that has been superseded by another theme: config-data Issues related to the configuration theme type: enhancement A general enhancement

Comments

@shakuzen
Copy link
Member

Per #8282 (comment) opening this enhancement request to consider if anything can be done to improve masking in the /configprops endpoint.

As mentioned in the linked issue, some properties will contain a portion (such as a password in a URI like spring.data.mongodb.uri) that is sensitive even though the entire property is not sensitive. Placeholders named such that they will be sanitized keys (i.e. mongo.password) may be used here, but as @wilkinsona mentioned, the fact placeholders were used is lost.

I'm not sure what we can do for a @ConfigurationProperties bean as the fact that placeholders were involved in configuring a property's value is lost by the time the beans are being queried. We are hoping to provide some provenance for configuration properties in 2.0 so this may become possible as part of that, although I'm not sure how likely that is.

With a configuration like

spring.data.mongodb.uri: mongodb://user:${mongo.password}@host1:27017,host2:27017,host3:27017/dbname
mongo.password: password

It would be nice if the mongo.password value were not exposed in /configprops (through spring.data.mongodb.uri's resolved value).
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Feb 15, 2017
@snicoll snicoll added for: team-call type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged labels Feb 15, 2017
@philwebb philwebb added theme: config-data Issues related to the configuration theme and removed for: team-call labels Mar 2, 2017
@vmalpani
Copy link

vmalpani commented Aug 9, 2017

Hi, any estimates on when will this get resolved? I am in a similar situation.

@wilkinsona
Copy link
Member

As indicated by the lack of milestone assigned to the issue, we don't have any plans to implement this at the moment.

@philwebb philwebb added this to the 2.x milestone Feb 1, 2019
@mbhave mbhave added the for: team-attention An issue we'd like other members of the team to review label Aug 3, 2019
@wilkinsona wilkinsona mentioned this issue Aug 16, 2019
Closed
@mbhave
Copy link
Contributor

mbhave commented Aug 16, 2019

We discussed this today and it seems like trying to apply a general rule to mask placeholders that are sensitive will not always work. Even if we track the placeholders used, the final value that's in the @ConfigurationProperties bean could have been altered by a setter or something like that.

We're going to reduce the scope of this issue to mask the password for a property that has a type URI or is named uri since we know the pattern for where the sensitive value will be in a URI. We could not think of other examples where a sensitive placeholder would be used in a property. If there are more in the future, we can look at masking those on a case-by-case basis.

@mbhave mbhave removed the for: team-attention An issue we'd like other members of the team to review label Aug 16, 2019
@mbhave mbhave changed the title Mask sensitive placeholders used in /configprops values Mask password in URI properties if present Aug 16, 2019
@wilkinsona wilkinsona mentioned this issue Aug 22, 2019
Closed
htztomic added a commit to htztomic/spring-boot that referenced this issue Aug 22, 2019
@htztomic
fix to spring-projectsgh-8293
9908444
htztomic added a commit to htztomic/spring-boot that referenced this issue Aug 22, 2019
@htztomic
fix to spring-projectsgh-8293
0015566
htztomic added a commit to htztomic/spring-boot that referenced this issue Aug 22, 2019
@htztomic
fix to spring-projectsgh-8293
d5db018
@htztomic htztomic mentioned this issue Aug 22, 2019
Closed
htztomic added a commit to htztomic/spring-boot that referenced this issue Aug 22, 2019
@htztomic
fix to spring-projectsgh-8293 and spring-projectsgh-17930
d27c255
@mbhave
Copy link
Contributor

mbhave commented Aug 22, 2019

Closing in favor of #17939.

@mbhave mbhave closed this as completed Aug 22, 2019
@mbhave mbhave added the status: superseded An issue that has been superseded by another label Aug 22, 2019
@mbhave mbhave removed this from the 2.x milestone Aug 22, 2019
@mbhave mbhave mentioned this issue Jan 13, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@spring-contributor spring-contributor

Labels
status: superseded An issue that has been superseded by another theme: config-data Issues related to the configuration theme type: enhancement A general enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@snicoll @philwebb @wilkinsona @mbhave @vmalpani @shakuzen @spring-projects-issues @spring-contributor