tchekai704
/
src-kafka
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

KAFKA-3830; getTGT() debug logging exposes confidential information 

Only log the client and server principals, which is what ZooKeeper does after ZOOKEEPER-2405.

Author: Ismael Juma <ismael@juma.me.uk>

Reviewers: Grant Henke <granthenke@gmail.com>, Sriharsha Chintalapani <harsha@hortonworks.com>

Closes #1498 from ijuma/kafka-3830-get-tgt-debug-confidential
pull/1363/merge
Ismael Juma 9 years ago committed by Sriharsha Chintalapani
parent
9ff54cb5dd
commit
84ca887295
1 changed files with 2 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      clients/src/main/java/org/apache/kafka/common/security/kerberos/KerberosLogin.java

3
clients/src/main/java/org/apache/kafka/common/security/kerberos/KerberosLogin.java
Unescape View File

@ -334,7 +334,8 @@ public class KerberosLogin extends AbstractLogin { @@ -334,7 +334,8 @@ public class KerberosLogin extends AbstractLogin {
for (KerberosTicket ticket : tickets) {
KerberosPrincipal server = ticket.getServer();
if (server.getName().equals("krbtgt/" + server.getRealm() + "@" + server.getRealm())) {
log.debug("Found TGT {}.", ticket);
log.debug("Found TGT with client principal '{}' and server principal '{}'.", ticket.getClient().getName(),
ticket.getServer().getName());
return ticket;
}
}

Write Preview
Loading…
Cancel
Save