[ https://issues.apache.org/jira/browse/LENS-446?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14948423#comment-14948423 ]
Hudson commented on LENS-446: ----------------------------- FAILURE: Integrated in Lens-Commit #1099 (See [https://builds.apache.org/job/Lens-Commit/1099/]) LENS-446: Remove server params from session and driver configurations (raju.bairishetti: rev 7080b76c63a82e09b5d42c2d2b7458f80b1085f8) * lens-server/src/main/java/org/apache/lens/server/query/QueryExecutionServiceImpl.java * lens-server/src/test/java/org/apache/lens/server/query/TestQueryService.java * lens-server/src/main/java/org/apache/lens/server/LensApplication.java * lens-server/src/main/java/org/apache/lens/server/session/LensSessionImpl.java * lens-server/src/main/java/org/apache/lens/server/LensServerConf.java * lens-server/src/test/java/org/apache/lens/server/session/TestSessionResource.java > server params should not be passed to session and drivers > --------------------------------------------------------- > > Key: LENS-446 > URL: https://issues.apache.org/jira/browse/LENS-446 > Project: Apache Lens > Issue Type: Bug > Components: server > Reporter: Angad Singh > Assignee: Amareshwari Sriramadasu > Fix For: 2.4 > > Attachments: LENS-446.patch > > > Lens is even showing sensitive properties like lens.server.db.jdbc.user and > lens.server.db.jdbc.pass to the client. Server-side params should be hidden > from this api > api called: > {noformat} > http://internal-lens-server:9999/lensapi/session/params?sessionid=%3C?xml+version%3D%221.0%22+encoding%3D%22UTF-8%22+standalone%3D%22yes%22?%3E%3ClensSessionHandle%3E%3CpublicId%3E1ebec3a5-cd11-4a3d-b9d5-79e5d9707710%3C/publicId%3E%3CsecretId%3E524384d8-41c5-4459-87be-37fdde4ba14f%3C/secretId%3E%3C/lensSessionHandle%3E > {noformat} > sample output: > {noformat} > <stringList> > <elements>hive.metastore.batch.retrieve.max=100</elements> > <elements> > hive.metastore.batch.retrieve.table.partition.max=500 > </elements> > <elements>hive.metastore.client.connect.retry.delay=1</elements> > <elements>hive.metastore.client.socket.timeout=20</elements> > <elements>hive.metastore.connect.retries=5</elements> > <elements>hive.metastore.failure.retries=3</elements> > <elements>hive.metastore.uris=thrift://localhost:9083</elements> > <elements>hive.server2.thrift.bind.host=localhost</elements> > <elements>hive.server2.thrift.port=10000</elements> > <elements>lens.client.dbname=default</elements> > <elements>lens.client.user.name=anonymous</elements> > <elements>lens.cube.query.disable.aggregate.resolver=false</elements> > <elements>lens.cube.query.disable.auto.join=false</elements> > <elements>lens.cube.query.fail.if.data.partial=true</elements> > <elements>lens.cube.query.promote.select.togroupby=true</elements> > <elements>lens.query.add.insert.overwrite=true</elements> > <elements>lens.query.enable.mail.notify=false</elements> > <elements>lens.query.enable.metrics.per.query=false</elements> > <elements>lens.query.enable.persistent.resultset=false</elements> > <elements> > lens.query.enable.persistent.resultset.indriver=true > </elements> > <elements>lens.query.hdfs.output.path=hdfsout</elements> > <elements>lens.query.output.charset.encoding=UTF-8</elements> > <elements> > lens.query.output.compression.codec=org.apache.hadoop.io.compress.GzipCodec > </elements> > <elements>lens.query.output.enable.compression=false</elements> > <elements>lens.query.output.file.extn=.csv</elements> > <elements>lens.query.output.write.footer=false</elements> > <elements>lens.query.output.write.header=false</elements> > <elements> > lens.query.result.output.serde=org.apache.lens.lib.query.CSVSerde > </elements> > <elements> > lens.query.result.parent.dir=file:///tmp/lensreports > </elements> > <elements> > lens.query.result.size.format.threshold=10737418240 > </elements> > <elements>lens.query.result.split.multiple=false</elements> > <elements>lens.query.result.split.multiple.maxrows=100000</elements> > <elements>lens.server.base.url=http://0.0.0.0:9999/lensapi</elements> > <elements>lens.server.db.driver.name=com.mysql.jdbc.Driver</elements> > <elements>lens.server.db.jdbc.pass={masked}</elements> > <elements> > lens.server.db.jdbc.url=jdbc:mysql://localhost:3306/lens > </elements> > <elements>lens.server.db.jdbc.user={masked}</elements> > <elements>lens.server.db.validation.query=select 1</elements> > <elements> > lens.server.drivers=org.apache.lens.driver.hive.HiveDriver > </elements> > <elements> > lens.session.aux.jars={masked} > </elements> > <elements>lens.session.cluster.user={masked}</elements> > <elements>lens.session.loggedin.user=anonymous</elements> > <elements>silent=off</elements> > </stringList> > {noformat} -- This message was sent by Atlassian JIRA (v6.3.4#6332)