[ https://issues.apache.org/jira/browse/SAMZA-589?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14359771#comment-14359771 ]

Tommy Becker commented on SAMZA-589:
------------------------------------

Yeah I played with this a bit, adding a sanitize() method to Config that 
returns masked values for sensitive keys.  The downside to this approach I 
guess is that you have to know to call sanitize(), where the toString() method 
"just works", unless of course you're iterating over the config for something 
like the UI.

> Need a way to flag sensitive information in Config
> --------------------------------------------------
>
>                 Key: SAMZA-589
>                 URL: https://issues.apache.org/jira/browse/SAMZA-589
>             Project: Samza
>          Issue Type: Bug
>          Components: container
>    Affects Versions: 0.8.0
>            Reporter: Tommy Becker
>             Fix For: 0.10.0
>
>
> Currently, the full contents of a job's Config are exposed in at least a 
> couple of places including the logs (logged by SamzaContainer), and the 
> ApplicationMaster UI's config page.  There is a security concern with doing 
> that if sensitive information (e.g. credentials) is stored there.  It would 
> be nice to be able to mark sensitive config values so that they are not 
> displayed in such ways.  The only thing that springs to mind is a special 
> naming convention, perhaps a "sensitive" prefix that would identify these 
> values.  Ideally such a capability would be baked into Config itself, but 
> minimally Samza code that exposes Config could be made aware of the 
> convention to avoid displaying the plaintext of sensitive values.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
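
The trade-off discussed in this thread, as an added Java example that is not from the thread or from Samza's code base: a hypothetical map-backed class (`MaskedConfigDemo`) with a `sanitize()` copy and a masking `toString()`, assuming a `sensitive.` key prefix and constructed sample values. It also shows that code iterating over the entries still sees plaintext.

```java
import java.util.AbstractMap;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;

// Hypothetical stand-in for a job config; not Samza's Config class.
public class MaskedConfigDemo extends AbstractMap<String, String> {
    // Assumed naming convention: keys starting with this prefix hold secrets.
    static final String SENSITIVE_PREFIX = "sensitive.";
    static final String MASK = "********";
    private final Map<String, String> values;

    MaskedConfigDemo(Map<String, String> values) {
        this.values = new LinkedHashMap<>(values);
    }

    // Raw view: anything that iterates entries (e.g. a UI page) sees plaintext.
    @Override
    public Set<Map.Entry<String, String>> entrySet() {
        return values.entrySet();
    }

    // Copy with sensitive values masked; callers must remember to use it.
    public Map<String, String> sanitize() {
        Map<String, String> masked = new LinkedHashMap<>();
        for (Map.Entry<String, String> e : values.entrySet()) {
            boolean secret = e.getKey().startsWith(SENSITIVE_PREFIX);
            masked.put(e.getKey(), secret ? MASK : e.getValue());
        }
        return masked;
    }

    // Logging via string conversion is masked without the caller doing anything.
    @Override
    public String toString() {
        return sanitize().toString();
    }

    public static void main(String[] args) {
        Map<String, String> raw = new LinkedHashMap<>();
        raw.put("job.name", "demo-job");                 // constructed sample values
        raw.put("sensitive.db.password", "not-a-real-secret");
        MaskedConfigDemo config = new MaskedConfigDemo(raw);
        System.out.println("toString : " + config);
        System.out.println("sanitize : " + config.sanitize());
        // Iteration bypasses both safeguards and exposes the plaintext value.
        config.forEach((k, v) -> System.out.println("iterate  : " + k + "=" + v));
    }
}
```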
