From 8b63e258502f9f55b33b2e0b02a2e24cf5d2f1c1 Mon Sep 17 00:00:00 2001
From: Paramvir Jindal
Date: Fri, 11 Oct 2019 11:51:22 +0530
Subject: [PATCH] UNDERTOW-1576: BASIC auth password is output as plain text at DEBUG level logging in BasicAuthenticationMechanism
---
 .../undertow/security/impl/BasicAuthenticationMechanism.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/core/src/main/java/io/undertow/security/impl/BasicAuthenticationMechanism.java b/core/src/main/java/io/undertow/security/impl/BasicAuthenticationMechanism.java
index 7042e8ff66..94e786427e 100644
--- a/core/src/main/java/io/undertow/security/impl/BasicAuthenticationMechanism.java
+++ b/core/src/main/java/io/undertow/security/impl/BasicAuthenticationMechanism.java
@@ -151,9 +151,9 @@ public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange,
 }
 plainChallenge = new String(decode.array(), decode.arrayOffset(), decode.limit(), charset);
- UndertowLogger.SECURITY_LOGGER.debugf("Found basic auth header %s (decoded using charset %s) in %s", plainChallenge, charset, exchange);
+ UndertowLogger.SECURITY_LOGGER.debugf("Found basic auth header (decoded using charset %s) in %s", charset, exchange);
 } catch (IOException e) {
- UndertowLogger.SECURITY_LOGGER.debugf(e, "Failed to decode basic auth header %s in %s", base64Challenge, exchange);
+ UndertowLogger.SECURITY_LOGGER.debugf(e, "Failed to decode basic auth header in %s", exchange);
 }
 int colonPos;
 if (plainChallenge != null && (colonPos = plainChallenge.indexOf(COLON)) > -1) {
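Review bot: Both rewritten `debugf` calls still format `exchange` with `%s`, so whether the credential is really gone from the DEBUG log depends on what `HttpServerExchange.toString()` prints, which this hunk does not show. If it renders request headers, the Authorization value would still be written next to these messages. Logging only the fields that are needed avoids that dependency, e.g. `debugf("Found basic auth header (decoded using charset %s) for %s %s", charset, exchange.getRequestMethod(), exchange.getRequestURI())`. The catch branch also still passes `e` to `debugf`, so the decoder's IOException message should be checked for echoing any of the header input. `authenticate()` begins and continues outside the hunk, so later log statements that touch `plainChallenge`, the user name or the password are not covered here and deserve the same check.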