Hello
Please excuse my ignorance about openfire. I am not too familiar with it but I am helping administer a machine where someone has installed it. The trouble is that the info.log is becoming full of lines like:
2014.11.04 20:56:07 org.jivesoftware.openfire.auth.AuthFactory - AuthFactory authenticate:auser,password=hispassword
These credentials are shared across applications so it is deeply troubling to see openfire leaking all the user passwords into the logfile. I have had to temporarily shut the openfire server down while we try to resolve this and more credentials get compromised. Is there some way to disable the passwords being dumped to the logfile? Its a very bad practice.
Hoping for useful suggestions.
Regards
Bob