You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lens.apache.org by "Angad Singh (JIRA)" <ji...@apache.org> on 2015/03/25 12:48:52 UTC
[jira] [Created] (LENS-446) hide server params in
/lensapi/session/params api
Angad Singh created LENS-446:
--------------------------------
Summary: hide server params in /lensapi/session/params api
Key: LENS-446
URL: https://issues.apache.org/jira/browse/LENS-446
Project: Apache Lens
Issue Type: Bug
Components: server
Reporter: Angad Singh
Lens is even showing sensitive properties like lens.server.db.jdbc.user and lens.server.db.jdbc.pass to the client. Server-side params should be hidden from this api
api called:
{noformat}
http://internal-lens-server:9999/lensapi/session/params?sessionid=%3C?xml+version%3D%221.0%22+encoding%3D%22UTF-8%22+standalone%3D%22yes%22?%3E%3ClensSessionHandle%3E%3CpublicId%3E1ebec3a5-cd11-4a3d-b9d5-79e5d9707710%3C/publicId%3E%3CsecretId%3E524384d8-41c5-4459-87be-37fdde4ba14f%3C/secretId%3E%3C/lensSessionHandle%3E
{noformat}
sample output:
{noformat}
<stringList>
<elements>hive.metastore.batch.retrieve.max=100</elements>
<elements>
hive.metastore.batch.retrieve.table.partition.max=500
</elements>
<elements>hive.metastore.client.connect.retry.delay=1</elements>
<elements>hive.metastore.client.socket.timeout=20</elements>
<elements>hive.metastore.connect.retries=5</elements>
<elements>hive.metastore.failure.retries=3</elements>
<elements>hive.metastore.uris=thrift://localhost:9083</elements>
<elements>hive.server2.thrift.bind.host=localhost</elements>
<elements>hive.server2.thrift.port=10000</elements>
<elements>lens.client.dbname=default</elements>
<elements>lens.client.user.name=anonymous</elements>
<elements>lens.cube.query.disable.aggregate.resolver=false</elements>
<elements>lens.cube.query.disable.auto.join=false</elements>
<elements>lens.cube.query.fail.if.data.partial=true</elements>
<elements>lens.cube.query.promote.select.togroupby=true</elements>
<elements>lens.query.add.insert.overwrite=true</elements>
<elements>lens.query.enable.mail.notify=false</elements>
<elements>lens.query.enable.metrics.per.query=false</elements>
<elements>lens.query.enable.persistent.resultset=false</elements>
<elements>
lens.query.enable.persistent.resultset.indriver=true
</elements>
<elements>lens.query.hdfs.output.path=hdfsout</elements>
<elements>lens.query.output.charset.encoding=UTF-8</elements>
<elements>
lens.query.output.compression.codec=org.apache.hadoop.io.compress.GzipCodec
</elements>
<elements>lens.query.output.enable.compression=false</elements>
<elements>lens.query.output.file.extn=.csv</elements>
<elements>lens.query.output.write.footer=false</elements>
<elements>lens.query.output.write.header=false</elements>
<elements>
lens.query.result.output.serde=org.apache.lens.lib.query.CSVSerde
</elements>
<elements>
lens.query.result.parent.dir=file:///tmp/lensreports
</elements>
<elements>
lens.query.result.size.format.threshold=10737418240
</elements>
<elements>lens.query.result.split.multiple=false</elements>
<elements>lens.query.result.split.multiple.maxrows=100000</elements>
<elements>lens.server.base.url=http://0.0.0.0:9999/lensapi</elements>
<elements>lens.server.db.driver.name=com.mysql.jdbc.Driver</elements>
<elements>lens.server.db.jdbc.pass={masked}</elements>
<elements>
lens.server.db.jdbc.url=jdbc:mysql://localhost:3306/lens
</elements>
<elements>lens.server.db.jdbc.user={masked}</elements>
<elements>lens.server.db.validation.query=select 1</elements>
<elements>
lens.server.drivers=org.apache.lens.driver.hive.HiveDriver
</elements>
<elements>
lens.session.aux.jars={masked}
</elements>
<elements>lens.session.cluster.user={masked}</elements>
<elements>lens.session.loggedin.user=anonymous</elements>
<elements>silent=off</elements>
</stringList>
{noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)