falcon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ying Zheng (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (FALCON-1919) Provide user the option to store sensitive information with Hadoop credential provider
Date Tue, 17 May 2016 22:41:13 GMT

     [ https://issues.apache.org/jira/browse/FALCON-1919?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Ying Zheng updated FALCON-1919:
-------------------------------
    Issue Type: New Feature  (was: Improvement)

> Provide user the option to store sensitive information with Hadoop credential provider
> --------------------------------------------------------------------------------------
>
>                 Key: FALCON-1919
>                 URL: https://issues.apache.org/jira/browse/FALCON-1919
>             Project: Falcon
>          Issue Type: New Feature
>            Reporter: Ying Zheng
>            Assignee: Ying Zheng
>             Fix For: trunk
>
>
> Sensitive data, e.g. SSL keystore password, SMTP user name and password, Azure service
bus SAS key, ActiveMQ server password, etc., are stored as plain text in startup.properties.
This JIRA is to provide the user an option to store these sensitive data with Hadoop credential
provider for better security.
> The property key of the alias to be resolved through Hadoop credential provider should
have the format: hadoop.security.alias.[property-key]. For example, if the alias name for
keystore password is "keystorepwd", the user should add "hadoop.security.alias.keystore.password=keystorepwd"
in startup.properties.
> The user can specify the provider path with property key "hadoop.security.credential.provider.path".
Falcon will use the default provider path in core-site.xml if not specified in startup.properties.
> Note that Falcon will only try to resolve alias if the property value is not set directly
in startup.properties.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message