You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/04/14 13:17:00 UTC
[jira] [Work logged] (HIVE-26142) Extend the hidden conf list with webui keystore pwd
[ https://issues.apache.org/jira/browse/HIVE-26142?focusedWorklogId=756957&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-756957 ]
ASF GitHub Bot logged work on HIVE-26142:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 14/Apr/22 13:16
Start Date: 14/Apr/22 13:16
Worklog Time Spent: 10m
Work Description: kovjanos opened a new pull request, #3212:
URL: https://github.com/apache/hive/pull/3212
### What changes were proposed in this pull request?
Securing the WebUI SSL keystore password
### Why are the changes needed?
Without the fix the users can see the keystore password of the SSL configured WebUI
### Does this PR introduce _any_ user-facing change?
No
### How was this patch tested?
Already existing test case was extended
Issue Time Tracking
-------------------
Worklog Id: (was: 756957)
Remaining Estimate: 0h
Time Spent: 10m
> Extend the hidden conf list with webui keystore pwd
> ----------------------------------------------------
>
> Key: HIVE-26142
> URL: https://issues.apache.org/jira/browse/HIVE-26142
> Project: Hive
> Issue Type: Bug
> Components: Security
> Reporter: Janos Kovacs
> Assignee: Janos Kovacs
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The SSL keystore configuration is separated for HS2 itself and the WebUI. The hidden configuration list only contains server2.keystore.password but should also contain server2.webui.keystore.password.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)