[ https://issues.apache.org/jira/browse/KAFKA-9718?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rajini Sivaram resolved KAFKA-9718. ----------------------------------- Reviewer: Manikumar Resolution: Fixed > Don't log passwords for AlterConfigs requests in request logs > ------------------------------------------------------------- > > Key: KAFKA-9718 > URL: https://issues.apache.org/jira/browse/KAFKA-9718 > Project: Kafka > Issue Type: Bug > Reporter: Rajini Sivaram > Assignee: Rajini Sivaram > Priority: Major > Fix For: 2.6.0 > > > We currently avoid logging passwords in log files by logging only parsed > values were passwords are logged as `[hidden]`. But for AlterConfigs requests > in request logs, we log all entries since they just appear as string entries. > Since we allow altering password configs like SSL key passwords and JAAS > config, we shouldn't include these in log files. -- This message was sent by Atlassian Jira (v8.3.4#803005)