<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>Was it the client or the server that exposed the credentials?<br><br>Sent from my iPhone</div><div><br>On Apr 26, 2014, at 2:28 PM, Hao Wang <<a href="mailto:hao.1.wang@gmail.com">hao.1.wang@gmail.com</a>> wrote:<br><br></div><blockquote type="cite"><div><div dir="ltr"><span style="font-family:arial,sans-serif;font-size:13px">Hi,</span><div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px">I am troubleshooting a neutron case. It was just found that if DEBUG was enabled, neutron would print out JSON data with username and password. I am wondering what kind of protocol is used in production environment to prevent this security risk from happening.</div>
<div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px">Thanks,</div><div style="font-family:arial,sans-serif;font-size:13px">Hao</div></div>
</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a></span><br><span>Post to     : <a href="mailto:openstack@lists.openstack.org">openstack@lists.openstack.org</a></span><br><span>Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a></span><br></div></blockquote></body></html>