Ismael Juma created KAFKA-2690:
----------------------------------
Summary: Protect passwords from logging
Key: KAFKA-2690
URL: https://issues.apache.org/jira/browse/KAFKA-2690
Project: Kafka
Issue Type: Sub-task
Components: security
Reporter: Ismael Juma
Fix For: 0.9.0.0
We currently store the key (ssl.key.password), keystore (ssl.keystore.password)
and truststore (ssl.truststore.password) passwords as a String in
`KafkaConfig`, `ConsumerConfig` and `ProducerConfig`.
The problem with this approach is that we may accidentally log the password
when logging the config.
A possible solution is to introduce a new `ConfigDef.Type` that overrides
`toString` so that the value is hidden.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
