loserwang1024 commented on PR #3047: URL: https://github.com/apache/fluss/pull/3047#issuecomment-4900773035
@wuchong , I have modified this PR based on your advice. Only one is left for another PR later. One concern I have is that `security.sasl.plain.credentials` is a bit different from normal sensitive config options. Each list entry stores `username:password` as a single string value, so the config framework cannot naturally distinguish the non-sensitive username part from the sensitive password part. If we only add a generic sensitive flag, the safest behavior would be to mask the whole config value in `describeClusterConfigs` / `get_cluster_configs`. That is reusable and avoids leaking passwords, but it also means usernames are hidden together with passwords. If we want to show usernames while hiding passwords, we would need special parsing logic for this specific config key, e.g. rendering `alice:******,bob:******`. I’m not sure that belongs in the generic config display path, because it would make the config framework aware of SASL/PLAIN-specific value syntax and edge cases. So I’d like to discuss which direction we prefer: 1. Treat the whole `security.sasl.plain.credentials` value as sensitive and mask it entirely. 2. Add special handling for this key to expose usernames but mask passwords. 3. Keep config display generic, and if listing SASL/PLAIN users is needed, add a dedicated user-management/list-users API later. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
