orpiske opened a new issue #1050:
URL: https://github.com/apache/camel-kafka-connector/issues/1050


   We need to mark password and other sensitive fields with 
`ConfigDef.Type.PASSWORD` instead of `ConfigDef.Type.STRING` as we currently do 
(for example, 
[here](https://github.com/apache/camel-kafka-connector/blob/master/connectors/camel-aws2-sqs-kafka-connector/src/main/java/org/apache/camel/kafkaconnector/aws2sqs/CamelAws2sqsSourceConnectorConfig.java#L362)).
   
   By annotating the fields as String, sensitive information is displayed in 
the logs:
   
   ```
   camel.component.aws2-s3.accessKey = accesskey
   ...
   camel.component.aws2-s3.secretKey
   ```
   
   These values are likely leaking in other ways as well (to-be-confirmed: REST 
interface?)
   
   After marking the field as password, this is what appears in the logs:
   ```
   camel.component.aws2-s3.secretKey = [hidden]
   ```
   
   Although we have redacted them from our own logs, they still appear in logs 
printed by Kafka Connect itself (as reported on the - now - relevant related 
issue #320). 
   
   Since that issue has been closed for a while and since other sources of 
leakages have been fixed on #159, I opened this one with a specific goal in 
mind: prevent leakages on logs printed by Kafka Connect itself. 


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
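
The check the issue asks for, as an added example that is not part of the original issue or the project's code: it audits a `ConfigDef` for sensitive-looking options not declared as `ConfigDef.Type.PASSWORD` and shows how the parsed value renders under each type. The class name, the name heuristic and the sample values are assumptions; it needs `kafka-clients` on the classpath.

```java
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import java.util.stream.Collectors;

import org.apache.kafka.common.config.AbstractConfig;
import org.apache.kafka.common.config.ConfigDef;
import org.apache.kafka.common.config.ConfigDef.Importance;
import org.apache.kafka.common.config.ConfigDef.Type;

public class SensitiveConfigAudit {
    // Assumption: a name heuristic for "sensitive"; tune it for the connector under review.
    private static final Pattern SENSITIVE =
            Pattern.compile("(?i)(password|secret|accesskey|token)");

    /** Returns option names that look sensitive but are not declared as Type.PASSWORD. */
    static List<String> leakyKeys(ConfigDef def) {
        return def.configKeys().values().stream()
                .filter(k -> SENSITIVE.matcher(k.name).find())
                .filter(k -> k.type != Type.PASSWORD)
                .map(k -> k.name)
                .sorted()
                .collect(Collectors.toList());
    }

    public static void main(String[] args) {
        String access = "camel.component.aws2-s3.accessKey";
        String secret = "camel.component.aws2-s3.secretKey";
        // Constructed sample values, not real credentials.
        Map<String, String> props = Map.of(access, "EXAMPLE-ACCESS", secret, "EXAMPLE-SECRET");

        ConfigDef before = new ConfigDef()
                .define(access, Type.STRING, null, Importance.HIGH, "access key")
                .define(secret, Type.STRING, null, Importance.HIGH, "secret key");
        ConfigDef after = new ConfigDef()
                .define(access, Type.PASSWORD, null, Importance.HIGH, "access key")
                .define(secret, Type.PASSWORD, null, Importance.HIGH, "secret key");

        System.out.println("STRING definition flags:   " + leakyKeys(before));
        System.out.println("PASSWORD definition flags: " + leakyKeys(after));

        // doLog=false: skip AbstractConfig's own value dump and print the parsed values here.
        System.out.println(new AbstractConfig(before, props, false).values().get(secret));
        AbstractConfig cfg = new AbstractConfig(after, props, false);
        System.out.println(cfg.values().get(secret));                 // Password.toString() masks it
        System.out.println(cfg.getPassword(secret).value().length()); // real value still readable by code
    }
}
```

Running `leakyKeys` over each connector's `ConfigDef` in a unit test turns the audit into a regression check for newly added options.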

