[
https://issues.apache.org/jira/browse/RANGER-3822?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Madhan Neethiraj updated RANGER-3822:
-------------------------------------
Fix Version/s: 2.4.0
> RangerService outputs password information in plaintext
> -------------------------------------------------------
>
> Key: RANGER-3822
> URL: https://issues.apache.org/jira/browse/RANGER-3822
> Project: Ranger
> Issue Type: Improvement
> Components: admin
> Affects Versions: 1.2.0, 2.2.0
> Reporter: Binhua Hu
> Assignee: Binhua Hu
> Priority: Major
> Fix For: 3.0.0, 2.4.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> RangerService outputs information in plaintext, causing the component
> password to be leaked.For example, when the Ranger service with the same name
> is created repeatedly, the password information of relevant components will
> be printed in the log.
> {code:java}
> 2022-07-11 10:08:59,505 [http-bio-6080-exec-4] ERROR
> org.apache.ranger.rest.ServiceRest(SericeREST.java:672) -
> createService(RangerService={id={null} guid={null} isEnabled={true}
> createdBy={null} updateBy={null} createTime={Thu Jan 01 08:00:00 GMT+8:00
> 1970} updateTime={Thu Jan 01 08:00:00 GMT+8:00 1970} version={1}
> name={service-kafka} type={kafka} description={null} tagService={null}
> configs={password={123456} username={admin}} policyVersion={0}
> policyUpdateTime={Thu Jan 01 08:00:00 GMT+8:00 1970} tagVersion={1}
> tagUpdateTime={Thu Jan 01 08:00:00 GMT+8:00 1970}}) failed{code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
