ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Levas (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AMBARI-13214) Create a credentials resource used to securely set, update, and remove credentials used by Ambari
Date Wed, 23 Sep 2015 20:46:04 GMT
Robert Levas created AMBARI-13214:
-------------------------------------

             Summary: Create a credentials resource used to securely set, update, and remove
credentials used by Ambari
                 Key: AMBARI-13214
                 URL: https://issues.apache.org/jira/browse/AMBARI-13214
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: 2.1.3
            Reporter: Robert Levas
            Assignee: Robert Levas
            Priority: Critical
             Fix For: 2.1.3


Storage of the credentials is to be done using the existing _secure_ credentials provider
API which already exits within Ambari.  See {{org.apache.ambari.server.security.encryption.CredentialStoreService}}
and {{org.apache.ambari.server.security.encryption.CredentialStoreServiceImpl}}.

Credential may be stored in either Ambari's persistent or temporary secure storage facilities.


*Setting the credentials*
* Request 
{noformat}POST /api/v1/credentials/ALIAS_NAME{noformat}
{code:title=payload}
{
  "principal" : "USERNAME",
  "password" : "SECRET",
  "persist" : true
}
{code}
Where:
** principal:  the principal (or username) part of the credential to store
** password: the password part of the credential to store
** persist:  a boolean value indicating whether to store this credential in a persisted (true)
or temporary (false) secure credential store
* Responses
{code:title=200 OK}
<empty>
{code}
{code:title=400 Bad Request}
{
"status": 400,
"message": "Cannot persist credential in Ambari's secure credential store since secure storage
has not yet be configured.  Use ambari-server setup-security to enable this feature."
}
{code}
{color:red}*Note:* Error Codes TBD{color}

*Updating the credentials*
* Request
{noformat}PUT /api/v1/credentials/ALIAS_NAME{noformat}
{code:title=payload}
{
  "principal" : "USERNAME",
  "password" : "SECRET",
  "persist" : true
}
{code}
Where:
** principal:  the principal (or username) part of the credential to store
** password: the password part of the credential to store
** persist:  a boolean value indicating whether to store this credential in a persisted (true)
or temporary (false) secure credential store
* Responses
{code:title=200 OK}
<empty>
{code}
{code:title=400 Bad Request}
{
"status": 400,
"message": "Cannot persist credential in Ambari's secure credential store since secure storage
has not yet be configured.  Use ambari-server setup-security to enable this feature."
}
{code}
{color:red}*Note:* Error Codes TBD{color}

*Removing the credentials*
* Request
{noformat}DELETE /api/v1/credentials/ALIAS_NAME{noformat}
* Responses
{code:title=200 OK}
<empty>
{code}
{code:title=404 Not Found}
{
"status": 404,
"message": "Not Found"
}
{code}

*Retrieving the credentials*
* Request
{noformat}GET /api/v1/credentials/ALIAS_NAME{noformat}
* Responses 
{code:title=404 Not Found}
{
"status": 404,
"message": "Not Found"
}
{code}
*Note*: only one response will be returned for this request since GETs will not be allowed
due to security reasons.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message