Description
RangerService outputs information in plaintext, causing the component password to be leaked.For example, when the Ranger service with the same name is created repeatedly, the password information of relevant components will be printed in the log.
2022-07-11 10:08:59,505 [http-bio-6080-exec-4] ERROR org.apache.ranger.rest.ServiceRest(SericeREST.java:672) - createService(RangerService={id={null} guid={null} isEnabled={true} createdBy={null} updateBy={null} createTime={Thu Jan 01 08:00:00 GMT+8:00 1970} updateTime={Thu Jan 01 08:00:00 GMT+8:00 1970} version={1} name={service-kafka} type={kafka} description={null} tagService={null} configs={password={123456} username={admin}} policyVersion={0} policyUpdateTime={Thu Jan 01 08:00:00 GMT+8:00 1970} tagVersion={1} tagUpdateTime={Thu Jan 01 08:00:00 GMT+8:00 1970}}) failed