[
https://issues.apache.org/jira/browse/KNOX-1429?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16646778#comment-16646778
]
Larry McCay commented on KNOX-1429:
-----------------------------------
You know, [~risdenk]... I think that we should just remove the logging of the
params altogether.
Rather than introducing something to keep sensitive ones from being logged -
just remove the logging.
What do you think?
> Log of HadoopAuthProvider config as DEBUG
> -----------------------------------------
>
> Key: KNOX-1429
> URL: https://issues.apache.org/jira/browse/KNOX-1429
> Project: Apache Knox
> Issue Type: Bug
> Affects Versions: 0.7.0
> Reporter: Larry McCay
> Assignee: Kevin Risden
> Priority: Major
> Fix For: 1.2.0
>
> Attachments: KNOX-1429.patch
>
>
> When initializing the HadoopAuthProvider each of the properties in the
> provider config is logged as INFO.
> For certain deployments, this may contain sensitive information.
> We should move this to DEBUG level and potentially scrub the properties for
> properties that we know to be sensitive.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
