Tsz-wo Sze created KAFKA-17014:
----------------------------------
Summary: ScramFormatter should not use String for password.
Key: KAFKA-17014
URL: https://issues.apache.org/jira/browse/KAFKA-17014
Project: Kafka
Issue Type: Improvement
Components: security
Reporter: Tsz-wo Sze
Since String is immutable, there is no easy way to erase a String password
after use. We should not use String for password. See also
https://stackoverflow.com/questions/8881291/why-is-char-preferred-over-string-for-passwords
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
