[
https://issues.apache.org/jira/browse/KNOX-2147?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandor Molnar updated KNOX-2147:
--------------------------------
Resolution: Fixed
Status: Resolved (was: Patch Available)
> Keep username and password out of KnoxShellTableCallHistory
> ------------------------------------------------------------
>
> Key: KNOX-2147
> URL: https://issues.apache.org/jira/browse/KNOX-2147
> Project: Apache Knox
> Issue Type: Improvement
> Components: KnoxShell
> Reporter: Larry McCay
> Assignee: Sandor Molnar
> Priority: Major
> Fix For: 1.4.0
>
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> In working on KNOX-2132, I couldn't actually get the call history to work and
> was therefore unable to make sure that the username and password params don't
> end up in the persisted history or at least not rendered in the listing.
> Either call history no longer works or I just don't know how to enable it.
> Tests don't seem to cover the actual AOP based capture but record hardcoded
> calls rather than actual table interactions. I also notice that the
> aspectjrt.jar isn't being placed in the lib dir for knoxshell which seems
> broken.
> So, first thing to do is ensure that call history is actually working and fix
> it if not. Then determine what to do about the username and password and
> persistence of call histories as the means for reconstituting a dataset. Do
> we build in a required login which would mean that the dataset rehydration
> would require a user interaction for login? Do we encrypt the credentials -
> if so, using what as a key and how to manage it? Do we just rely on file
> permissions?
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
