[KAFKA-5094] Censor SCRAM config change logging - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 0.10.2.0
Fix Version/s: 0.11.0.0
Component/s: log
Labels:
None

Description

(As mentioned in comment on ~~KAFKA-4943~~):

Another possibly bad thing is that Kafka logs the credentials in the clear too (0.10.2.0):

[2017-04-05 16:29:00,266] INFO Processing notification(s) to /config/changes (kafka.common.ZkNodeChangeNotificationListener)
[2017-04-05 16:29:00,282] INFO Processing override for entityPath: users/kafka with config: {SCRAM-SHA-512=salt=ZGl6dnRzeWQ5ZjJhNWo1bWdxN2draG96Ng==,stored_key=BEdel+ChGSnpdpV0f8s8J/fWlwZJbUtAD1N6FygpPLK1AiVjg0yiHCvigq1R2x+o72QSvNkyFITuVZMlrj8hZg==,server_key=/RZ/EcGAaXwAKvFknVpsBHzC4tBXBLPJQnN4tM/s0wJpMcR9qvvJTGKM9Nx+zoXCc9buNoCd+/2LpL+yWde+/w==,iterations=4096} (kafka.server.DynamicConfigManager)

Attachments

Issue Links

links to

GitHub Pull Request #2879

Activity

People

Assignee:: Rajini Sivaram

Reporter:: Johan Ström

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 20/Apr/17 04:58

Updated:: 21/Apr/17 09:52

Resolved:: 21/Apr/17 09:52