[
https://issues.apache.org/jira/browse/KAFKA-9718?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Rajini Sivaram resolved KAFKA-9718.
-----------------------------------
Reviewer: Manikumar
Resolution: Fixed
> Don't log passwords for AlterConfigs requests in request logs
> -------------------------------------------------------------
>
> Key: KAFKA-9718
> URL: https://issues.apache.org/jira/browse/KAFKA-9718
> Project: Kafka
> Issue Type: Bug
> Reporter: Rajini Sivaram
> Assignee: Rajini Sivaram
> Priority: Major
> Fix For: 2.6.0
>
>
> We currently avoid logging passwords in log files by logging only parsed
> values were passwords are logged as `[hidden]`. But for AlterConfigs requests
> in request logs, we log all entries since they just appear as string entries.
> Since we allow altering password configs like SSL key passwords and JAAS
> config, we shouldn't include these in log files.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
