You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lens.apache.org by "Amareshwari Sriramadasu (JIRA)" <ji...@apache.org> on 2015/08/31 13:28:45 UTC
[jira] [Updated] (LENS-446) hide server params in
/lensapi/session/params api
[ https://issues.apache.org/jira/browse/LENS-446?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Amareshwari Sriramadasu updated LENS-446:
-----------------------------------------
Fix Version/s: 2.4
> hide server params in /lensapi/session/params api
> -------------------------------------------------
>
> Key: LENS-446
> URL: https://issues.apache.org/jira/browse/LENS-446
> Project: Apache Lens
> Issue Type: Bug
> Components: server
> Reporter: Angad Singh
> Fix For: 2.4
>
>
> Lens is even showing sensitive properties like lens.server.db.jdbc.user and lens.server.db.jdbc.pass to the client. Server-side params should be hidden from this api
> api called:
> {noformat}
> http://internal-lens-server:9999/lensapi/session/params?sessionid=%3C?xml+version%3D%221.0%22+encoding%3D%22UTF-8%22+standalone%3D%22yes%22?%3E%3ClensSessionHandle%3E%3CpublicId%3E1ebec3a5-cd11-4a3d-b9d5-79e5d9707710%3C/publicId%3E%3CsecretId%3E524384d8-41c5-4459-87be-37fdde4ba14f%3C/secretId%3E%3C/lensSessionHandle%3E
> {noformat}
> sample output:
> {noformat}
> <stringList>
> <elements>hive.metastore.batch.retrieve.max=100</elements>
> <elements>
> hive.metastore.batch.retrieve.table.partition.max=500
> </elements>
> <elements>hive.metastore.client.connect.retry.delay=1</elements>
> <elements>hive.metastore.client.socket.timeout=20</elements>
> <elements>hive.metastore.connect.retries=5</elements>
> <elements>hive.metastore.failure.retries=3</elements>
> <elements>hive.metastore.uris=thrift://localhost:9083</elements>
> <elements>hive.server2.thrift.bind.host=localhost</elements>
> <elements>hive.server2.thrift.port=10000</elements>
> <elements>lens.client.dbname=default</elements>
> <elements>lens.client.user.name=anonymous</elements>
> <elements>lens.cube.query.disable.aggregate.resolver=false</elements>
> <elements>lens.cube.query.disable.auto.join=false</elements>
> <elements>lens.cube.query.fail.if.data.partial=true</elements>
> <elements>lens.cube.query.promote.select.togroupby=true</elements>
> <elements>lens.query.add.insert.overwrite=true</elements>
> <elements>lens.query.enable.mail.notify=false</elements>
> <elements>lens.query.enable.metrics.per.query=false</elements>
> <elements>lens.query.enable.persistent.resultset=false</elements>
> <elements>
> lens.query.enable.persistent.resultset.indriver=true
> </elements>
> <elements>lens.query.hdfs.output.path=hdfsout</elements>
> <elements>lens.query.output.charset.encoding=UTF-8</elements>
> <elements>
> lens.query.output.compression.codec=org.apache.hadoop.io.compress.GzipCodec
> </elements>
> <elements>lens.query.output.enable.compression=false</elements>
> <elements>lens.query.output.file.extn=.csv</elements>
> <elements>lens.query.output.write.footer=false</elements>
> <elements>lens.query.output.write.header=false</elements>
> <elements>
> lens.query.result.output.serde=org.apache.lens.lib.query.CSVSerde
> </elements>
> <elements>
> lens.query.result.parent.dir=file:///tmp/lensreports
> </elements>
> <elements>
> lens.query.result.size.format.threshold=10737418240
> </elements>
> <elements>lens.query.result.split.multiple=false</elements>
> <elements>lens.query.result.split.multiple.maxrows=100000</elements>
> <elements>lens.server.base.url=http://0.0.0.0:9999/lensapi</elements>
> <elements>lens.server.db.driver.name=com.mysql.jdbc.Driver</elements>
> <elements>lens.server.db.jdbc.pass={masked}</elements>
> <elements>
> lens.server.db.jdbc.url=jdbc:mysql://localhost:3306/lens
> </elements>
> <elements>lens.server.db.jdbc.user={masked}</elements>
> <elements>lens.server.db.validation.query=select 1</elements>
> <elements>
> lens.server.drivers=org.apache.lens.driver.hive.HiveDriver
> </elements>
> <elements>
> lens.session.aux.jars={masked}
> </elements>
> <elements>lens.session.cluster.user={masked}</elements>
> <elements>lens.session.loggedin.user=anonymous</elements>
> <elements>silent=off</elements>
> </stringList>
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)