> On Feb. 22, 2017, 10:20 a.m., Peter Vary wrote: > > jdbc/src/java/org/apache/hive/jdbc/Utils.java, lines 398-400 > > <https://reviews.apache.org/r/56763/diff/1-2/?file=1637751#file1637751line398> > > > > As far as I know the Java String is immutable, which might cause > > problems here. > > > > Looking through the valid jdbc url-s, I have found this example in the > > official apache page: > > > > "jdbc:hive2://<host>:<port>/<db>;ssl=true;twoWay=true;sslTrustStore=<trust_store_path>;trustStorePassword=<trust_store_password>;sslKeyStore=<key_store_path>;keyStorePassword=<key_store_password>?transportMode=http;httpPath=<http_endpoint>" > > > > These are two other passwords which might be logged out and most > > probably should not. > > > > Also hiveconf variables might contain passwords as well. See: > > HIVE_CONF_HIDDEN_LIST > > > > It is getting complicated to remove every possible password. I am > > inclined to remove the logging of the uri altogether, or at least remove > > every value from the uri before logging it out to have a cleaner code. What > > do you think? > > > > If we keep the complicated algorithm for removing passwords it might be > > a good idea to have a test for it. > > > > Thanks, > > Peter
I have found this in the official page too: "This is helpful when the end user needs to send identity in an HTTP header down to intermediate servers such as Knox via Beeline for authentication, for example http.header.USERNAME=<value1>;http.header.PASSWORD=<value2>" It is an edge case, but still... - Peter ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/56763/#review166345 ----------------------------------------------------------- On Feb. 21, 2017, 9:01 p.m., Vaibhav Gumashta wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/56763/ > ----------------------------------------------------------- > > (Updated Feb. 21, 2017, 9:01 p.m.) > > > Review request for hive, Peter Vary and Thejas Nair. > > > Bugs: HIVE-15931 > https://issues.apache.org/jira/browse/HIVE-15931 > > > Repository: hive-git > > > Description > ------- > > https://issues.apache.org/jira/browse/HIVE-15931 > > > Diffs > ----- > > jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java 535ad3d > jdbc/src/java/org/apache/hive/jdbc/HiveDriver.java a349f8b > jdbc/src/java/org/apache/hive/jdbc/Utils.java bfae8b9 > jdbc/src/java/org/apache/hive/jdbc/ZooKeeperHiveClientHelper.java 8d6003a > > Diff: https://reviews.apache.org/r/56763/diff/ > > > Testing > ------- > > > Thanks, > > Vaibhav Gumashta > >
