Re: Review Request 68710: HIVE-20544: TOpenSessionReq logs password and username

Karen Coppage via Review Board Fri, 21 Sep 2018 08:32:06 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68710/
-----------------------------------------------------------


(Updated Sept. 21, 2018, 3:31 p.m.)


Review request for hive and Laszlo Pinter.


Changes
-------

Password is masked by Maven in process-sources phase of build.


Bugs: HIVE-20544
    https://issues.apache.org/jira/browse/HIVE-20544


Repository: hive-git


Description
-------

TOpenSessionReq, if client protocol is unset, both username and password are 
logged. Logging a password is a security risk. This patch would hide it with 
asterisks.


Diffs (updated)
-----

  service-rpc/pom.xml d6a07a55bc 
  
service-rpc/src/gen/thrift/gen-javabean/org/apache/hive/service/rpc/thrift/TOpenSessionReq.java
 3195e704f3 


Diff: https://reviews.apache.org/r/68710/diff/3/

Changes: https://reviews.apache.org/r/68710/diff/2-3/


Testing
-------


Thanks,

Karen Coppage

Re: Review Request 68710: HIVE-20544: TOpenSessionReq logs password and username

Reply via email to