[
https://issues.apache.org/jira/browse/KNOX-2561?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17311500#comment-17311500
]
ASF subversion and git services commented on KNOX-2561:
-------------------------------------------------------
Commit ac80f0a712f38fc8f41b52816ce73db8507e7249 in knox's branch
refs/heads/master from Philip Zampino
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=ac80f0a ]
KNOX-2561 - Unique token identifiers must be truncated when logged now that
they can be used as secrets (#425)
> Unique token identifiers must be truncated when logged now that they can be
> used as secrets
> -------------------------------------------------------------------------------------------
>
> Key: KNOX-2561
> URL: https://issues.apache.org/jira/browse/KNOX-2561
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.6.0
> Reporter: Philip Zampino
> Assignee: Philip Zampino
> Priority: Major
> Time Spent: 20m
> Remaining Estimate: 0h
>
> With KNOX-2555 and KNOX-2556, the unique internal identifiers for Knox tokens
> are exposed and may be used as secrets. As such, they should no longer be
> fully logged. Rather, they should be truncated as the tokens themselves are
> currently.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
