Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-9718

Don't log passwords for AlterConfigs requests in request logs

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.6.0, 2.5.1
    • Component/s: None
    • Labels:
      None

      Description

      We currently avoid logging passwords in log files by logging only parsed values were passwords are logged as `[hidden]`. But for AlterConfigs requests in request logs, we log all entries since they just appear as string entries. Since we allow altering password configs like SSL key passwords and JAAS config, we shouldn't include these in log files.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                rsivaram Rajini Sivaram
                Reporter:
                rsivaram Rajini Sivaram
                Reviewer:
                Manikumar
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: