From a1548eb670d74cac7ff9bb8c4b4228059e6b9e4a Mon Sep 17 00:00:00 2001
From: Eric Brown <browne@vmware.com>
Date: Mon, 13 Apr 2015 11:37:53 -0700
Subject: [PATCH] backend_argument should be marked secret

Since the backend_argument can potentially contain a password,
it should be marked secret to avoid leakage into the logs.

Closes-Bug: #1443598

Change-Id: I55663db4cf2df84a66de8f64fba4b4f129ae827d
(cherry picked from commit f9db1a65bd4d83d12c572ba4d5807845996ef410)
---
 keystone/common/config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/keystone/common/config.py b/keystone/common/config.py
index 88ec2087a8..8425d60282 100644
--- a/keystone/common/config.py
+++ b/keystone/common/config.py
@@ -259,7 +259,7 @@ FILE_OPTIONS = {
                          'fixed length cache-keys. This is toggle-able for '
                          'debugging purposes, it is highly recommended to '
                          'always leave this set to True.'),
-        cfg.MultiStrOpt('backend_argument', default=[],
+        cfg.MultiStrOpt('backend_argument', default=[], secret=True,
                         help='Arguments supplied to the backend module. '
                              'Specify this option once per argument to be '
                              'passed to the dogpile.cache backend. Example '