summaryrefslogtreecommitdiffstats
path: root/module/setup.py
diff options
context:
space:
mode:
authorDeepak Kodihalli <dkodihal@in.ibm.com>2018-10-15 12:45:18 -0500
committerBrad Bishop <bradleyb@fuzziesquirrel.com>2018-10-16 12:58:26 +0000
commit4b412ac926aaed11a9c335827d7c37d972399d0d (patch)
tree7effd83582eff343614707c41f336e47a224f316 /module/setup.py
parent844bb4e13bf53905f899760e1f4435576f334b11 (diff)
downloadphosphor-rest-server-4b412ac926aaed11a9c335827d7c37d972399d0d.tar.gz
phosphor-rest-server-4b412ac926aaed11a9c335827d7c37d972399d0d.zip
LDAP config: don't log bind password
Add a way to prevent json body logging for routes with sensitive data such as passwords. This is basically done via a list of URLs. Add the LDAP create config URL to this list. Tested: Before: phosphor-gevent[1481]: <BMC IP> user:root POST http://127.0.0.1:8081/xyz/openbmc_project/user/ldap/action/CreateConfig json:{u'data': [False, u'ldap://<LDAP server IP>/', u'cn=Sivas,cn=Users,dc=Corp,dc=ibm,dc=com', u'cn=Users,dc=Corp,dc=ibm,dc=com', u'<password>', u'xyz.openbmc_project.User.Ldap.Create.SearchScope.sub', u'xyz.openbmc_project.User.Ldap.Create.Type.ActiveDirectory']} 200 OK After: phosphor-gevent[1710]: <BMC IP> user:root POST http://127.0.0.1:8081/xyz/openbmc_project/user/ldap/action/CreateConfig json:None 200 OK Change-Id: I99979e5e373784c7eabb55861dae70bb283859a4 Signed-off-by: Deepak Kodihalli <dkodihal@in.ibm.com>
Diffstat (limited to 'module/setup.py')
0 files changed, 0 insertions, 0 deletions
OpenPOWER on IntegriCloud