Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-9682

setting log4j.logger.org.apache.cassandra=DEBUG causes keyspace username/password to show up in system.log

    XMLWordPrintableJSON

    Details

      Description

      if using a third party log aggregator (which many cloud users use), this causes db credentials to be reproduced offsite, which has potential to be security issue. I would prefer the ability to disable the logging of this information while still setting log4j.logger.org.apache.cassandra=DEBUG

      example system.log entry:

      DEBUG [Native-Transport-Requests:373] 2015-06-21 07:52:44,595 Message.java (line 326) Responding: AUTHENTICATE org.apache.cassandra.auth.PasswordAuthenticator, v=1
      DEBUG [Native-Transport-Requests:384] 2015-06-21 07:52:44,597 Message.java (line 319) Received: CREDENTIALS {username=redacted, password=redacted}, v=1
      

        Attachments

        1. 9682.txt
          0.9 kB
          Sam Tunnicliffe

          Activity

            People

            • Assignee:
              samt Sam Tunnicliffe
              Reporter:
              furrowedbrow Victor Chen
              Authors:
              Sam Tunnicliffe
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: