[KAFKA-289] hide security info of password of mongo in http response Created: 07/Feb/22  Updated: 27/Oct/23  Resolved: 14/Mar/22

Status: Closed
Project: Kafka Connector
Component/s: Configuration
Affects Version/s: 1.6.1
Fix Version/s: None

Type: Improvement Priority: Critical - P2
Reporter: jiazhi zhou Assignee: Robert Walters
Resolution: Gone away Votes: 0
Labels: external-user, web-serivce
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: PNG File screenshot-1.png     PNG File screenshot-2.png     PNG File screenshot-3.png    

 Description   

I can easily get the sensitive information of the mongo from http response below

curl -X GET http://localhost:8083/connectors/test

I believe it is not secure to return the sensitive information without encrypted.
is there a way to hide the sensitive information ?



 Comments   
Comment by PM Bot [ 14/Mar/22 ]

There hasn't been any recent activity on this ticket, so we're resolving it. Thanks for reaching out! Please feel free to comment on this if you're able to provide more information.

Comment by jiazhi zhou [ 15/Feb/22 ]

seems not working

Comment by Robert Walters [ 09/Feb/22 ]

zhoujiazhiwork@163.com Load Secrets
To avoid storing your authentication secrets as plain text in your connection.uri setting, load your secrets from a secure location as your connector starts. To learn how to load your secrets as your connector starts, see the Externalize Secrets guide from Confluent

 

Generated at Thu Feb 08 09:06:01 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.