[
https://issues.apache.org/jira/browse/YARN-11726?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17897212#comment-17897212
]
ASF GitHub Bot commented on YARN-11726:
---------------------------------------
Hean-Chhinling commented on code in PR #7148:
URL: https://github.com/apache/hadoop/pull/7148#discussion_r1836854082
##########
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/util/WebAppUtils.java:
##########
@@ -509,11 +512,18 @@ static String getPassword(Configuration conf, String
alias) {
char[] passchars = conf.getPassword(alias);
if (passchars != null) {
password = new String(passchars);
+ LOG.info("Successful password retrieval for alias: {}", alias);
}
}
catch (IOException ioe) {
password = null;
+ LOG.error("Unable to retrieve password for alias: {}", alias, ioe);
}
+
+ if (password == null) {
+ LOG.error("Password does not exist for alias: {}", alias);
Review Comment:
I think it could happen in some cases when the password does not exist for
the following test.
`// let's make sure that a password that doesn't exist returns null
assertNull(WebAppUtils.getPassword(conf, "invalid-alias"));`
I will change it to WARN level :)
> Exposing Password Retrieval Process for Web Application Utilities in method
> `getPassword`
> -----------------------------------------------------------------------------------------
>
> Key: YARN-11726
> URL: https://issues.apache.org/jira/browse/YARN-11726
> Project: Hadoop YARN
> Issue Type: Improvement
> Components: yarn
> Affects Versions: 3.3.6
> Environment: Version: {{3.3.6}}
> Location:
> {{{}hadoop/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common/src/main/java/org/apache/hadoop/yarn/webapp/util/WebAppUtils.java{}}},
> in the {{getPassword}} method, lines 486-500.
> Reporter: LoggingResearch
> Assignee: chhinlinghean
> Priority: Major
> Labels: pull-request-available
> Attachments: TestWebAppUtils.java, original-vs-log-enhanced.md
>
>
> The method {{getPassword}} in {{WebAppUtils}} is responsible for securely
> retrieving passwords from the configuration based on the provided alias. If
> the alias is not set or if there's an issue during the retrieval, the system
> currently fails silently. Enhancing the logging within this method will
> provide more transparency and help diagnose configuration issues, such as
> missing or incorrect password aliases.
>
> *Expected Behavior:*
> The system should log the success or failure of password retrieval attempts,
> including any issues encountered during the process. This will improve
> traceability and allow administrators to more easily identify and correct
> misconfigurations or errors related to password management.
>
> *How-to-Fix:*
> We propose adding log statements to expose the success or failure of password
> retrieval operations. This will enhance the visibility of
> configuration-related issues, allowing administrators to better manage
> security credentials within YARN.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
