Szymon Szczypiński created FLINK-9100:
-----------------------------------------
Summary: Shadow/Hide password from configuration that is logged to
log file
Key: FLINK-9100
URL: https://issues.apache.org/jira/browse/FLINK-9100
Project: Flink
Issue Type: Improvement
Components: Configuration
Reporter: Szymon Szczypiński
I was thinking to add small improvement to Flink. I want to add feature that
will hide value for key containing phrase "password". I want to this only when
value is logged to log file.
I want to this because of security reason, if someone need to monitor log file
then value from password key will be visible in that monitoring.
I want to change class "GlobalConfiguration" and "SecurityOptions"
In class "GlobalConfiguration" change line
{color:#9876aa}LOG{color}.info({color:#6a8759}"Loading configuration property:
{}, {}"{color}{color:#cc7832}, {color}key{color:#cc7832},
{color}value){color:#cc7832};{color}
and add code that will check that if key contain phrase "password" than value
will be changed to for example "*******".
The change of value i want to make when new key in class "SecurityOptions" will
be set to true. This new key will identifies than password should be
shadowed/hidden.
What you thing about that improvement?
This improvement is similar to FLINK-8793 for REST component.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
