falcon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ying Zheng (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (FALCON-1919) Provide user the option to store sensitive information with Hadoop credential provider
Date Wed, 11 May 2016 21:44:13 GMT

     [ https://issues.apache.org/jira/browse/FALCON-1919?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Ying Zheng updated FALCON-1919:
-------------------------------
    Description: 
Sensitive data, e.g. SSL keystore password, SMTP user name and password, Azure service bus
SAS key, ActiveMQ server password, etc., are stored as plain text in startup.properties. This
JIRA is to provide the user an option to store these sensitive data with Hadoop credential
provider for better security.

The property key of the alias to be resolved through Hadoop credential provider should have
the format: *.hadoop.security.alias.[property-key]. For example, if the alias name for keystore
password is "keystorepwd", the user should add "*.hadoop.security.alias.keystore.password=keystorepwd"
in startup.properties.

Note that Falcon will only try to resolve alias if the property value is not set directly
in startup.properties.


  was:
Sensitive data, e.g. SSL keystore password, SMTP user name and password, Azure service bus
SAS key, ActiveMQ server password, etc., are stored as plain text in startup.properties. This
jira is to provide the user an option to store these sensitive data with Hadoop credential
provider for better security.

Note that if startup.properties and Hadoop credential provider contain the same alias, Falcon
will take the one in startup.properties.



> Provide user the option to store sensitive information with Hadoop credential provider
> --------------------------------------------------------------------------------------
>
>                 Key: FALCON-1919
>                 URL: https://issues.apache.org/jira/browse/FALCON-1919
>             Project: Falcon
>          Issue Type: Improvement
>            Reporter: Ying Zheng
>            Assignee: Ying Zheng
>
> Sensitive data, e.g. SSL keystore password, SMTP user name and password, Azure service
bus SAS key, ActiveMQ server password, etc., are stored as plain text in startup.properties.
This JIRA is to provide the user an option to store these sensitive data with Hadoop credential
provider for better security.
> The property key of the alias to be resolved through Hadoop credential provider should
have the format: *.hadoop.security.alias.[property-key]. For example, if the alias name for
keystore password is "keystorepwd", the user should add "*.hadoop.security.alias.keystore.password=keystorepwd"
in startup.properties.
> Note that Falcon will only try to resolve alias if the property value is not set directly
in startup.properties.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message