[ 
https://issues.apache.org/jira/browse/HADOOP-13317?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15515123#comment-15515123
 ] 

Suraj Acharya commented on HADOOP-13317:
----------------------------------------

* The KMS does not support any cipher other than AES/CTR in the current 
implementation. One can change the cipher in core-site.xml but that will throw 
an error since AES/CTR has been hardcoded. 
* I haven't put some information in the logs because of either sensitive matter 
or access control. Putting material of a key is an information leak. Also, it 
is an information leak to print out the metadata and other information while 
being returned. I have logged mostly the incoming request information and the 
reason is the same.
* Also, I didn't wish to put information where ACLs protect transaction.
* I now get what you are saying about the exceptions. I think we should make 
that as a separate effort for the KMS. The reason being we will need to know 
the exceptions we wish to handle.

> Add logs to KMS server-side to improve supportability
> -----------------------------------------------------
>
>                 Key: HADOOP-13317
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13317
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: kms
>            Reporter: Xiao Chen
>            Assignee: Suraj Acharya
>            Priority: Minor
>              Labels: supportability
>         Attachments: HADOOP-13317-1.patch, HADOOP-13317-2.patch, 
> HADOOP-13317-3.patch, HADOOP-13317.patch
>
>
> [KMS.java|https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMS.java]
>  is the main class that serves KMS http requests. There're currently no logs 
> at all, making troubleshooting difficult.


