[jira] [Updated] (KNOX-1428) Scrub logging of HadoopAuthProvider config

Larry McCay (JIRA) Tue, 28 Aug 2018 13:05:17 -0700


     [ 
https://issues.apache.org/jira/browse/KNOX-1428?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Larry McCay updated KNOX-1428:
------------------------------
    Description: 
When initializing the HadoopAuthProvider each of the properties in the provider 
config is logged as INFO.

For certain deployments, this may contain sensitive information.

 

  was:
When using the HadoopAuth provider, a secret is printed in the logs:

{code}
2018-08-28 17:48:02,124 INFO  global.hadoopauth 
(HadoopAuthFilter.java:getConfiguration(61)) - Initializing Hadoop Auth 
Property, name: hadoop.auth.config.signature.secret,  value: 
the-secret-prints-here
{code}



> Scrub logging of HadoopAuthProvider config
> ------------------------------------------
>
>                 Key: KNOX-1428
>                 URL: https://issues.apache.org/jira/browse/KNOX-1428
>             Project: Apache Knox
>          Issue Type: Bug
>    Affects Versions: 0.7.0
>            Reporter: Sean Roberts
>            Priority: Major
>
> When initializing the HadoopAuthProvider each of the properties in the 
> provider config is logged as INFO.
> For certain deployments, this may contain sensitive information.
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KNOX-1428) Scrub logging of HadoopAuthProvider config

Reply via email to