Binhua Hu created RANGER-3822: --------------------------------- Summary: RangerService outputs password information in plaintext Key: RANGER-3822 URL: https://issues.apache.org/jira/browse/RANGER-3822 Project: Ranger Issue Type: Improvement Components: admin Affects Versions: 2.2.0, 1.2.0 Reporter: Binhua Hu Assignee: Binhua Hu
RangerService outputs information in plaintext, causing the component password to be leaked.For example, when the Ranger service with the same name is created repeatedly, the password information of relevant components will be printed in the log. {code:java} 2022-07-11 10:08:59,505 [http-bio-6080-exec-4] ERROR org.apache.ranger.rest.ServiceRest(SericeREST.java:672) - createService(RangerService={id={null} guid={null} isEnabled={true} createdBy={null} updateBy={null} createTime={Thu Jan 01 08:00:00 GMT+8:00 1970} updateTime={Thu Jan 01 08:00:00 GMT+8:00 1970} version={1} name={service-kafka} type={kafka} description={null} tagService={null} configs={password={123456} username={admin}} policyVersion={0} policyUpdateTime={Thu Jan 01 08:00:00 GMT+8:00 1970} tagVersion={1} tagUpdateTime={Thu Jan 01 08:00:00 GMT+8:00 1970}}) failed{code} -- This message was sent by Atlassian Jira (v8.20.10#820010)