Don't print password in warn log for security

StarRocks · Oct 10, 2022 · b502a9c · b502a9c
1 parent e3b0d4a
commit b502a9c
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/fe/fe-core/src/main/java/com/starrocks/service/FrontendServiceImpl.java b/fe/fe-core/src/main/java/com/starrocks/service/FrontendServiceImpl.java
@@ -1228,7 +1228,8 @@ static TStatus checkPasswordAndLoadPrivilege(TAuthenticateParams authParams) {
             return new TStatus(TStatusCode.OK);
         }
 
-        LOG.debug("Receive parameter {}", authParams);
+        LOG.debug("Receive TAuthenticateParams [user: {}, host: {}, db: {}, tables: {}]",
+                authParams.user, authParams.getHost(), authParams.getDb_name(), authParams.getTable_names());
         if (!Config.enable_starrocks_external_table_auth_check) {
             LOG.debug("enable_starrocks_external_table_auth_check is disabled, " +
                     "and skip to check authorization and privilege for {}", authParams);
@@ -1245,7 +1246,8 @@ static TStatus checkPasswordAndLoadPrivilege(TAuthenticateParams authParams) {
             authInfo = BaseAction.parseAuthInfo(authParams.getUser(), authParams.getPasswd(), authParams.getHost());
             userIdentity = BaseAction.checkPassword(authInfo);
         } catch (Exception e) {
-            LOG.warn("Failed to check parameter {}", authParams, e);
+            LOG.warn("Failed to check TAuthenticateParams [user: {}, host: {}, db: {}, tables: {}]",
+                    authParams.user, authParams.getHost(), authParams.getDb_name(), authParams.getTable_names(), e);
             TStatus status = new TStatus(TStatusCode.NOT_AUTHORIZED);
             status.setError_msgs(Lists.newArrayList(e.getMessage(), "Please check that your user or password " +
                     "is correct", configHintMsg));
@@ -1270,7 +1272,8 @@ static TStatus checkPasswordAndLoadPrivilege(TAuthenticateParams authParams) {
             }
             return new TStatus(TStatusCode.OK);
         } catch (Exception e) {
-            LOG.warn("Failed to check parameter {}", authParams, e);
+            LOG.warn("Failed to check TAuthenticateParams [user: {}, host: {}, db: {}, tables: {}]",
+                    authParams.user, authParams.getHost(), authParams.getDb_name(), authParams.getTable_names(), e);
             TStatus status = new TStatus(TStatusCode.NOT_AUTHORIZED);
             status.setError_msgs(Lists.newArrayList(e.getMessage(), configHintMsg));
             return status;