[KAFKA-9718] Don't log passwords for AlterConfigs requests in request logs - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.6.0, 2.5.1
Component/s: None
Labels:
None

Description

We currently avoid logging passwords in log files by logging only parsed values were passwords are logged as `[hidden]`. But for AlterConfigs requests in request logs, we log all entries since they just appear as string entries. Since we allow altering password configs like SSL key passwords and JAAS config, we shouldn't include these in log files.

Attachments

Issue Links

links to

GitHub Pull Request #8294

Activity

People

Assignee:: Rajini Sivaram

Reporter:: Rajini Sivaram

Reviewer:: Manikumar

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 13/Mar/20 10:53

Updated:: 05/May/20 21:23

Resolved:: 13/Mar/20 18:24