/** * Strips hidden config entries from configuration */ public void stripHiddenConfigurations(Configuration conf) { HiveConfUtil.stripConfigurations(conf, hiddenSet); }
/** * Searches the given configuration object and replaces all the configuration values for keys * defined hive.conf.hidden.list by empty String * * @param conf - Configuration object which needs to be modified to remove sensitive keys */ public static void stripConfigurations(Configuration conf) { Set<String> hiddenSet = getHiddenSet(conf); stripConfigurations(conf, hiddenSet); }
public static void dumpConfig(Configuration originalConf, StringBuilder sb) { Set<String> hiddenSet = getHiddenSet(originalConf); sb.append("Values omitted for security reason if present: ").append(hiddenSet).append("\n"); Configuration conf = new Configuration(originalConf); stripConfigurations(conf, hiddenSet); Iterator<Map.Entry<String, String>> configIter = conf.iterator(); List<Map.Entry<String, String>> configVals = new ArrayList<>(); while(configIter.hasNext()) { configVals.add(configIter.next()); } Collections.sort(configVals, new Comparator<Map.Entry<String, String>>() { @Override public int compare(Map.Entry<String, String> ent, Map.Entry<String, String> ent2) { return ent.getKey().compareTo(ent2.getKey()); } }); for(Map.Entry<String, String> entry : configVals) { //use get() to make sure variable substitution works if(entry.getKey().toLowerCase().contains("path")) { StringTokenizer st = new StringTokenizer(conf.get(entry.getKey()), File.pathSeparator); sb.append(entry.getKey()).append("=\n"); while(st.hasMoreTokens()) { sb.append(" ").append(st.nextToken()).append(File.pathSeparator).append('\n'); } } else { sb.append(entry.getKey()).append('=').append(conf.get(entry.getKey())).append('\n'); } } }
/** * Guts of the servlet - extracted for easy testing. */ static void writeResponse(Configuration conf, Writer out, String format) throws IOException, BadFormatException { //redact the sensitive information from the configuration values Configuration hconf = new Configuration(conf); HiveConfUtil.stripConfigurations(hconf); if (FORMAT_JSON.equals(format)) { Configuration.dumpConfiguration(hconf, out); } else if (FORMAT_XML.equals(format)) { hconf.writeXml(out); } else { throw new BadFormatException("Bad format: " + format); } }
@Test public void testHideStringVar() throws Exception { Assert.assertEquals("aaa", conf.get("dummy")); HiveConfUtil.stripConfigurations(conf, Sets.newHashSet("dummy")); Assert.assertEquals("", conf.get("dummy")); }
@Test public void testHideNonStringVar() throws Exception { Assert.assertTrue(conf.getBoolean("dummyBoolean", false)); Assert.assertEquals("true", conf.get("dummyBoolean")); HiveConfUtil.stripConfigurations(conf, Sets.newHashSet("dummyBoolean")); Assert.assertFalse(conf.getBoolean("dummyBoolean", false)); Assert.assertEquals("", conf.get("dummyBoolean")); }
@Test public void testHideMultipleVars() throws Exception { Assert.assertEquals("aaa", conf.get("dummy")); Assert.assertEquals("aaa", conf.get("dummy2")); Assert.assertEquals("aaa", conf.get("3dummy")); HiveConfUtil.stripConfigurations(conf, Sets.newHashSet("dummy")); Assert.assertEquals("", conf.get("dummy")); Assert.assertEquals("", conf.get("dummy2")); Assert.assertEquals("aaa", conf.get("3dummy")); }
/** * Strips hidden config entries from configuration */ public void stripHiddenConfigurations(Configuration conf) { HiveConfUtil.stripConfigurations(conf, hiddenSet); }
/** * Searches the given configuration object and replaces all the configuration values for keys * defined hive.conf.hidden.list by empty String * * @param conf - Configuration object which needs to be modified to remove sensitive keys */ public static void stripConfigurations(Configuration conf) { Set<String> hiddenSet = getHiddenSet(conf); stripConfigurations(conf, hiddenSet); }
public static void dumpConfig(Configuration originalConf, StringBuilder sb) { Set<String> hiddenSet = getHiddenSet(originalConf); sb.append("Values omitted for security reason if present: ").append(hiddenSet).append("\n"); Configuration conf = new Configuration(originalConf); stripConfigurations(conf, hiddenSet); Iterator<Map.Entry<String, String>> configIter = conf.iterator(); List<Map.Entry<String, String>> configVals = new ArrayList<>(); while(configIter.hasNext()) { configVals.add(configIter.next()); } Collections.sort(configVals, new Comparator<Map.Entry<String, String>>() { @Override public int compare(Map.Entry<String, String> ent, Map.Entry<String, String> ent2) { return ent.getKey().compareTo(ent2.getKey()); } }); for(Map.Entry<String, String> entry : configVals) { //use get() to make sure variable substitution works if(entry.getKey().toLowerCase().contains("path")) { StringTokenizer st = new StringTokenizer(conf.get(entry.getKey()), File.pathSeparator); sb.append(entry.getKey()).append("=\n"); while(st.hasMoreTokens()) { sb.append(" ").append(st.nextToken()).append(File.pathSeparator).append('\n'); } } else { sb.append(entry.getKey()).append('=').append(conf.get(entry.getKey())).append('\n'); } } }
/** * Guts of the servlet - extracted for easy testing. */ static void writeResponse(Configuration conf, Writer out, String format) throws IOException, BadFormatException { //redact the sensitive information from the configuration values Configuration hconf = new Configuration(conf); HiveConfUtil.stripConfigurations(hconf); if (FORMAT_JSON.equals(format)) { Configuration.dumpConfiguration(hconf, out); } else if (FORMAT_XML.equals(format)) { hconf.writeXml(out); } else { throw new BadFormatException("Bad format: " + format); } }