Uploaded image for project: 'Migration Toolkit for Virtualization'
  1. Migration Toolkit for Virtualization
  2. MTV-495

[RHV] Prevent password to RHVM from being shown in UI and logs

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Undefined Undefined
    • 2.5.0
    • 2.4.0
    • None
    • None
    • False
    • None
    • False

      Currently, the provider's password can be seen in some error message,  such as the following error that occurred when it failed to connect with provider:

      Connection test, failed: GET failed. caused by: 'Get "https://hosted-engine-x.lab.eng.tlv2.redhat.com/ovirt-engine/sso/oauth/token?grant_type=password&password=xxx&scope=ovirt-app-api&username=admin%40internal": dial tcp 10.x.x.x:443: i/o timeout'

      This error can be seen on Providers page when clicking on the Connection Failed status, and also in the provider's yaml file.
       
      The plain password shouldn't be shown in UI, yaml, or logs.

            mnecas@redhat.com Martin Necas
            rhn-support-qiyuan Qin Yuan
            Nisim Simsolo Nisim Simsolo
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: