Administrator password displayed when users query meta data

kha_tran · February 13, 2015, 10:48pm

Hi,

I started cbq-engine with Administrator userid and password because all buckets are password protected.

The issue I see with N1QL now is the administrator password is displayed when users query the meta data as shown below.
I think N1QL should mask out the password in the output.

I used this query:
http://dev1:8093/query?statement=SELECT * FROM system:datastores

Output:
{
“requestID”: “31eeb5e6-444c-4b4c-b071-e2e7f08d88f7”,
“signature”: {
},
“results”: [
{
“datastores”: {
“id”: “http://Administrator:AdminPASSWORD@cbserver1:8091/beersample2”,
],
“status”: “success”,
…

simonbasle · February 17, 2015, 10:08am

moved this to the N1QL category so that @geraldss and the Query team can see it

geraldss · February 17, 2015, 5:32pm

Thanks for catching this. Filed a bug: https://issues.couchbase.com/browse/MB-13489

Topic		Replies	Views
Provide access to run N1QL queries to end users Couchbase Server	2	1612	July 19, 2016
Bucket passwords and N1QL SQL++ 40-rc	7	5718	November 3, 2015
Querying password enabled bucket with N1QL or CBQ SQL++ n1ql	1	1808	January 5, 2017
Bucket pwd and n1ql query .NET SDK	1	1536	June 14, 2019
Don't see bucket (password protected) in CBworkbench SQL++	4	2698	January 15, 2016

Administrator password displayed when users query meta data

Related topics