Binhua Hu created RANGER-3822:
---------------------------------
Summary: RangerService outputs password information in plaintext
Key: RANGER-3822
URL: https://issues.apache.org/jira/browse/RANGER-3822
Project: Ranger
Issue Type: Improvement
Components: admin
Affects Versions: 2.2.0, 1.2.0
Reporter: Binhua Hu
Assignee: Binhua Hu
RangerService outputs information in plaintext, causing the component password
to be leaked.For example, when the Ranger service with the same name is created
repeatedly, the password information of relevant components will be printed in
the log.
{code:java}
2022-07-11 10:08:59,505 [http-bio-6080-exec-4] ERROR
org.apache.ranger.rest.ServiceRest(SericeREST.java:672) -
createService(RangerService={id={null} guid={null} isEnabled={true}
createdBy={null} updateBy={null} createTime={Thu Jan 01 08:00:00 GMT+8:00 1970}
updateTime={Thu Jan 01 08:00:00 GMT+8:00 1970} version={1} name={service-kafka}
type={kafka} description={null} tagService={null} configs={password={123456}
username={admin}} policyVersion={0} policyUpdateTime={Thu Jan 01 08:00:00
GMT+8:00 1970} tagVersion={1} tagUpdateTime={Thu Jan 01 08:00:00 GMT+8:00
1970}}) failed{code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
