[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=1465#comment-1465 ] Hive QA commented on HIVE-20796: Here are the results of testing the latest attachment: https://issues.apache.org/jira/secure/attachment/12945743/HIVE-20796.05.patch {color:green}SUCCESS:{color} +1 due to 1 test(s) being added or modified. {color:green}SUCCESS:{color} +1 due to 15508 tests passed Test results: https://builds.apache.org/job/PreCommit-HIVE-Build/14664/testReport Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/14664/console Test logs: http://104.198.109.242/logs/PreCommit-HIVE-Build-14664/ Messages: {noformat} Executing org.apache.hive.ptest.execution.TestCheckPhase Executing org.apache.hive.ptest.execution.PrepPhase Executing org.apache.hive.ptest.execution.YetusPhase Executing org.apache.hive.ptest.execution.ExecutionPhase Executing org.apache.hive.ptest.execution.ReportingPhase {noformat} This message is automatically generated. ATTACHMENT ID: 12945743 - PreCommit-HIVE-Build > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > Attachments: HIVE-20796.01.patch, HIVE-20796.02.patch, > HIVE-20796.03.patch, HIVE-20796.04.patch, HIVE-20796.05.patch > > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=1444#comment-1444 ] Hive QA commented on HIVE-20796: | (/) *{color:green}+1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | || || || || {color:brown} master Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 7m 42s{color} | {color:green} master passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 23s{color} | {color:green} master passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 7s{color} | {color:green} master passed {color} | | {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 0m 59s{color} | {color:blue} standalone-metastore/metastore-server in master has 181 extant Findbugs warnings. {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 18s{color} | {color:green} master passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m 27s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 23s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 0m 23s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 7s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 0s{color} | {color:green} The patch has no whitespace issues. {color} | | {color:green}+1{color} | {color:green} findbugs {color} | {color:green} 1m 8s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 18s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m 12s{color} | {color:green} The patch does not generate ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black} 12m 32s{color} | {color:black} {color} | \\ \\ || Subsystem || Report/Notes || | Optional Tests | asflicense javac javadoc findbugs checkstyle compile | | uname | Linux hiveptest-server-upstream 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u1 (2016-09-03) x86_64 GNU/Linux | | Build tool | maven | | Personality | /data/hiveptest/working/yetus_PreCommit-HIVE-Build-14664/dev-support/hive-personality.sh | | git revision | master / 1002e89 | | Default Java | 1.8.0_111 | | findbugs | v3.0.0 | | modules | C: standalone-metastore/metastore-server U: standalone-metastore/metastore-server | | Console output | http://104.198.109.242/logs//PreCommit-HIVE-Build-14664/yetus.txt | | Powered by | Apache Yetushttp://yetus.apache.org | This message was automatically generated. > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > Attachments: HIVE-20796.01.patch, HIVE-20796.02.patch, > HIVE-20796.03.patch, HIVE-20796.04.patch, HIVE-20796.05.patch > > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16665128#comment-16665128 ] Peter Vary commented on HIVE-20796: --- HIVE-20796.05.patch is even better +1 pending tests :D > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > Attachments: HIVE-20796.01.patch, HIVE-20796.02.patch, > HIVE-20796.03.patch, HIVE-20796.04.patch, HIVE-20796.05.patch > > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16664776#comment-16664776 ] Hive QA commented on HIVE-20796: Here are the results of testing the latest attachment: https://issues.apache.org/jira/secure/attachment/12945596/HIVE-20796.04.patch {color:red}ERROR:{color} -1 due to build exiting with an error Test results: https://builds.apache.org/job/PreCommit-HIVE-Build/14644/testReport Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/14644/console Test logs: http://104.198.109.242/logs/PreCommit-HIVE-Build-14644/ Messages: {noformat} Executing org.apache.hive.ptest.execution.TestCheckPhase Tests exited with: Exception: Patch URL https://issues.apache.org/jira/secure/attachment/12945596/HIVE-20796.04.patch was found in seen patch url's cache and a test was probably run already on it. Aborting... {noformat} This message is automatically generated. ATTACHMENT ID: 12945596 - PreCommit-HIVE-Build > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > Attachments: HIVE-20796.01.patch, HIVE-20796.02.patch, > HIVE-20796.03.patch, HIVE-20796.04.patch > > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16664600#comment-16664600 ] Hive QA commented on HIVE-20796: Here are the results of testing the latest attachment: https://issues.apache.org/jira/secure/attachment/12945596/HIVE-20796.04.patch {color:red}ERROR:{color} -1 due to build exiting with an error Test results: https://builds.apache.org/job/PreCommit-HIVE-Build/14643/testReport Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/14643/console Test logs: http://104.198.109.242/logs/PreCommit-HIVE-Build-14643/ Messages: {noformat} Executing org.apache.hive.ptest.execution.TestCheckPhase Tests exited with: Exception: Patch URL https://issues.apache.org/jira/secure/attachment/12945596/HIVE-20796.04.patch was found in seen patch url's cache and a test was probably run already on it. Aborting... {noformat} This message is automatically generated. ATTACHMENT ID: 12945596 - PreCommit-HIVE-Build > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > Attachments: HIVE-20796.01.patch, HIVE-20796.02.patch, > HIVE-20796.03.patch, HIVE-20796.04.patch > > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16664464#comment-16664464 ] Hive QA commented on HIVE-20796: Here are the results of testing the latest attachment: https://issues.apache.org/jira/secure/attachment/12945596/HIVE-20796.04.patch {color:green}SUCCESS:{color} +1 due to 1 test(s) being added or modified. {color:red}ERROR:{color} -1 due to 2 failed/errored test(s), 15506 tests executed *Failed tests:* {noformat} TestMiniDruidCliDriver - did not produce a TEST-*.xml file (likely timed out) (batchId=196) [druidmini_masking.q,druidmini_test1.q,druidkafkamini_basic.q,druidmini_joins.q,druid_timestamptz.q] org.apache.hive.spark.client.rpc.TestRpc.testClientTimeout (batchId=325) {noformat} Test results: https://builds.apache.org/job/PreCommit-HIVE-Build/14642/testReport Console output: https://builds.apache.org/job/PreCommit-HIVE-Build/14642/console Test logs: http://104.198.109.242/logs/PreCommit-HIVE-Build-14642/ Messages: {noformat} Executing org.apache.hive.ptest.execution.TestCheckPhase Executing org.apache.hive.ptest.execution.PrepPhase Executing org.apache.hive.ptest.execution.YetusPhase Executing org.apache.hive.ptest.execution.ExecutionPhase Executing org.apache.hive.ptest.execution.ReportingPhase Tests exited with: TestsFailedException: 2 tests failed {noformat} This message is automatically generated. ATTACHMENT ID: 12945596 - PreCommit-HIVE-Build > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > Attachments: HIVE-20796.01.patch, HIVE-20796.02.patch, > HIVE-20796.03.patch, HIVE-20796.04.patch > > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16664426#comment-16664426 ] Hive QA commented on HIVE-20796: | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 0s{color} | {color:green} The patch does not contain any @author tags. {color} | || || || || {color:brown} master Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 8m 47s{color} | {color:green} master passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 24s{color} | {color:green} master passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 7s{color} | {color:green} master passed {color} | | {color:blue}0{color} | {color:blue} findbugs {color} | {color:blue} 1m 8s{color} | {color:blue} standalone-metastore/metastore-server in master has 181 extant Findbugs warnings. {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 18s{color} | {color:green} master passed {color} | || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 0m 28s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} compile {color} | {color:green} 0m 24s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} javac {color} | {color:green} 0m 24s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} checkstyle {color} | {color:green} 0m 6s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m 0s{color} | {color:green} The patch has no whitespace issues. {color} | | {color:red}-1{color} | {color:red} findbugs {color} | {color:red} 1m 15s{color} | {color:red} standalone-metastore/metastore-server generated 2 new + 181 unchanged - 0 fixed = 183 total (was 181) {color} | | {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 0m 18s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:red}-1{color} | {color:red} asflicense {color} | {color:red} 0m 14s{color} | {color:red} The patch generated 2 ASF License warnings. {color} | | {color:black}{color} | {color:black} {color} | {color:black} 13m 50s{color} | {color:black} {color} | \\ \\ || Reason || Tests || | FindBugs | module:standalone-metastore/metastore-server | | | Call to String.equals(org.apache.hadoop.hive.metastore.conf.MetastoreConf$ConfVars) in org.apache.hadoop.hive.metastore.ObjectStore.getDataSourceProps(Configuration) At ObjectStore.java: At ObjectStore.java:[line 478] | | | Return value of String.trim() ignored in org.apache.hadoop.hive.metastore.utils.MetaStoreServerUtils.anonymizeConnectionURL(String) At MetaStoreServerUtils.java:in org.apache.hadoop.hive.metastore.utils.MetaStoreServerUtils.anonymizeConnectionURL(String) At MetaStoreServerUtils.java:[line 1163] | \\ \\ || Subsystem || Report/Notes || | Optional Tests | asflicense javac javadoc findbugs checkstyle compile | | uname | Linux hiveptest-server-upstream 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u1 (2016-09-03) x86_64 GNU/Linux | | Build tool | maven | | Personality | /data/hiveptest/working/yetus_PreCommit-HIVE-Build-14642/dev-support/hive-personality.sh | | git revision | master / a99be34 | | Default Java | 1.8.0_111 | | findbugs | v3.0.0 | | findbugs | http://104.198.109.242/logs//PreCommit-HIVE-Build-14642/yetus/new-findbugs-standalone-metastore_metastore-server.html | | asflicense | http://104.198.109.242/logs//PreCommit-HIVE-Build-14642/yetus/patch-asflicense-problems.txt | | modules | C: standalone-metastore/metastore-server U: standalone-metastore/metastore-server | | Console output | http://104.198.109.242/logs//PreCommit-HIVE-Build-14642/yetus.txt | | Powered by | Apache Yetushttp://yetus.apache.org | This message was automatically generated. > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > Attachments: HIVE-20796.01.patch, HIVE-20796.02.patch, > HIVE-20796.03.patch, HIVE-20796.04.patch > > > It is possible to put passwords in the jdbc connection url and some jdbc > driv
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16663764#comment-16663764 ] Peter Vary commented on HIVE-20796: --- +1 pending tests > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > Attachments: HIVE-20796.01.patch, HIVE-20796.02.patch, > HIVE-20796.03.patch, HIVE-20796.04.patch > > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16663634#comment-16663634 ] Peter Vary commented on HIVE-20796: --- Sounds like a good place :D > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > Attachments: HIVE-20796.01.patch > > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16663631#comment-16663631 ] Laszlo Pinter commented on HIVE-20796: -- [~pvary] We were thinking the same :). Is it ok if I put this method to the MetaStoreServerUtils class? > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > Attachments: HIVE-20796.01.patch > > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16663609#comment-16663609 ] Peter Vary commented on HIVE-20796: --- [~lpinter]: Would it be a good idea to put this to an util method and write some unit test for it? I think this way we can be sure that it handles every possible situation, and it will not be changed later accidentally. What do you think? > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > Attachments: HIVE-20796.01.patch > > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16662337#comment-16662337 ] Peter Vary commented on HIVE-20796: --- Thanks for the explanation! > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16662329#comment-16662329 ] Laszlo Pinter commented on HIVE-20796: -- Indeed is similar, but I was thinking of different scenario. In the hive-site.xml you can provide the connection url and the credentials as different entries {code:xml} javax.jdo.option.ConnectionURL jdbc:derby:memory:${test.tmp.dir}/junit_metastore_db;create=true javax.jdo.option.ConnectionUserName username javax.jdo.option.ConnectionPassword password {code} But it is possible to specify the credentials as part of the connection url {code:xml} javax.jdo.option.ConnectionURL jdbc:derby:memory:${test.tmp.dir}/junit_metastore_db;create=true;username=username;password=password {code} While overriding the default configuration values from jpox.properties, the old and new entries are logged out (ObjectStore#getDataSourceProps()) {code:java} if (MetastoreConf.isPrintable(varName)) { LOG.debug("Overriding {} value {} from jpox.properties with {}", varName, prevVal, confVal); } {code} Since the jdbc url is not marked as unprintable, all of it contents will be written to debug log. > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (HIVE-20796) jdbc URL can contain sensitive information that should not be logged
[ https://issues.apache.org/jira/browse/HIVE-20796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16662309#comment-16662309 ] Peter Vary commented on HIVE-20796: --- Started something like this before, but AFAIK never finished: HIVE-15931 > jdbc URL can contain sensitive information that should not be logged > > > Key: HIVE-20796 > URL: https://issues.apache.org/jira/browse/HIVE-20796 > Project: Hive > Issue Type: Improvement > Components: Hive >Affects Versions: 4.0.0 >Reporter: Laszlo Pinter >Assignee: Laszlo Pinter >Priority: Major > > It is possible to put passwords in the jdbc connection url and some jdbc > drivers will supposedly use that. (derby, mysql). This information is > considered sensitive, and should be masked out, while logging the connection > url. -- This message was sent by Atlassian JIRA (v7.6.3#76005)