[GH-ISSUE #735] [BUG] Treat database_url as secret #266

Closed
opened 2026-02-27 08:16:14 +03:00 by kerem · 3 comments
Owner

Originally created by @janpieper on GitHub (Nov 15, 2023).
Original GitHub issue: https://github.com/lldap/lldap/issues/735

**Describe the bug**

When enabling the verbose mode (`LLDAP_VERBOSE=true`), you get the configuration pasted to the log, but this contains the `database_url` in plaintext, although it might contain the database credentials 🤔 The verbose mode should not be enabled in production, but maybe it might make sense to handle the `database_url` as secret too, like for `jwt_secret` and `ldap_user_pass`.

**To Reproduce**

Start LLDAP with all required ENV variables and these:

```sh
export LLDAP_VERBOSE=true
export LLDAP_DATABASE_URL=postgres://user:password@host:port/database
```

**Expected behavior**

I would've expected the `database_url` to be handled as secret 🤔

```rust
Configuration: Configuration {
  // ...
  database_url: ***SECRET***,
  // ...
}
```

**Logs**

Currently I get this:

```rust
Configuration: Configuration {
  // ...
  jwt_secret: ***SECRET***,
  // ...
  ldap_user_pass: ***SECRET***,
  // ...
  database_url: "postgres://user:password@host:port/database",
  // ...
}
```

**Additional context**

LLDAP-Version: `lldap/lldap:2023-11-05-alpine`

@nitnelave commented on GitHub (Nov 16, 2023):

Hmm, I'm a bit conflicted on that one: I agree that the password should be secret. However, it's usually important to know which database you're talking to.

I wonder if I can just parse it as a URL, would it be equivalent? Then I can consider the various parts and mask the password.


@janpieper commented on GitHub (Nov 16, 2023):

Masking only the password would also be a possible way to go 👍

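The approach agreed on in the two comments above (parse the URL, keep scheme, user, host, port and database visible, mask only the password) as an added example; this is not lldap's own code. It uses only the Rust standard library (no `url` crate), and the `Configuration` struct, its `ldap_host` field and the `render_config` helper are hypothetical stand-ins for the project's real types. The custom `Debug` impl is the piece that keeps the plaintext password out of verbose logs, and the masking cuts userinfo at the last `@` of the authority so a password that itself contains `@` is still fully hidden.

```rust
use std::fmt;

/// Mask the password component of a database URL such as
/// `postgres://user:password@host:5432/db`, keeping scheme, user, host, port
/// and database visible. URLs without userinfo, without a password, or that
/// are not URLs at all are returned unchanged. (Added example, not lldap code.)
pub fn mask_db_url_password(url: &str) -> String {
    // Split off the scheme; without "://" this is not a URL we understand.
    let (scheme, rest) = match url.split_once("://") {
        Some(parts) => parts,
        None => return url.to_string(),
    };
    // The authority ends at the first '/', '?' or '#'; path, query and
    // fragment follow it and cannot carry userinfo.
    let auth_end = rest
        .find(|c: char| c == '/' || c == '?' || c == '#')
        .unwrap_or(rest.len());
    let (authority, tail) = rest.split_at(auth_end);
    // Userinfo, if present, precedes the LAST '@' of the authority, so an
    // '@' inside the password is not mistaken for the host delimiter.
    let at = match authority.rfind('@') {
        Some(i) => i,
        None => return url.to_string(),
    };
    let (userinfo, hostport) = (&authority[..at], &authority[at + 1..]);
    // The password is everything after the first ':' in the userinfo.
    match userinfo.split_once(':') {
        Some((user, _password)) => {
            format!("{scheme}://{user}:***SECRET***@{hostport}{tail}")
        }
        None => url.to_string(),
    }
}

/// Hypothetical configuration struct standing in for the project's own one.
pub struct Configuration {
    pub ldap_host: String,
    pub database_url: String,
}

// A hand-written Debug impl (instead of #[derive(Debug)]) is what guarantees
// that `{:?}` / `{:#?}` never reaches the raw database_url.
impl fmt::Debug for Configuration {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.debug_struct("Configuration")
            .field("ldap_host", &self.ldap_host)
            .field("database_url", &mask_db_url_password(&self.database_url))
            .finish()
    }
}

/// Render the configuration the way a verbose startup log line would.
pub fn render_config(cfg: &Configuration) -> String {
    format!("Configuration: {cfg:#?}")
}

fn main() {
    // Constructed sample values; the password is deliberately recognisable.
    let cfg = Configuration {
        ldap_host: "0.0.0.0".to_string(),
        database_url: "postgres://user:password@host:5432/database".to_string(),
    };
    println!("{}", render_config(&cfg));
}
```

Routing every log line through the `Debug` impl (rather than masking at each call site) means a new log statement added later cannot accidentally print the credential; the trade-off, as nitnelave notes, is that the host and database name stay visible on purpose so operators can still tell which database the service is talking to.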

@janpieper commented on GitHub (Jan 24, 2024):

🥳
