From 74e563da7fa6886449fd2be5933e2d4ca5c85f48 Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期二, 12 九月 2023 11:25:52 +0800
Subject: [PATCH] [UPDATE] 解決弱點Se: Incorrect definition of Serializable class [UPDATE] 解決弱點Information exposure to log file [UPDATE] 解決弱點Use of hard-coded password

---
 pamapi/src/main/java/com/pollex/pam/security/token/OtpAuthenticationToken.java |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/pamapi/src/main/java/com/pollex/pam/security/token/OtpAuthenticationToken.java b/pamapi/src/main/java/com/pollex/pam/security/token/OtpAuthenticationToken.java
index a4c450c..8cbaf23 100644
--- a/pamapi/src/main/java/com/pollex/pam/security/token/OtpAuthenticationToken.java
+++ b/pamapi/src/main/java/com/pollex/pam/security/token/OtpAuthenticationToken.java
@@ -9,7 +9,7 @@
 
     private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
 
-    private final OtpAccount principle;
+    private transient OtpAccount principle;
     private String credentials;
 
     public OtpAuthenticationToken(OtpAccount principle, String credentials) {

--
Gitblit v1.8.0