hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Konstantin Shvachko (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (HADOOP-15325) Make Configuration#getPasswordFromCredentialsProvider() a public API
Date Fri, 30 Mar 2018 01:11:00 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-15325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Konstantin Shvachko resolved HADOOP-15325.
------------------------------------------
    Resolution: Implemented

This has been incorporated into HADOOP-12862.

> Make Configuration#getPasswordFromCredentialsProvider() a public API
> --------------------------------------------------------------------
>
>                 Key: HADOOP-15325
>                 URL: https://issues.apache.org/jira/browse/HADOOP-15325
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: conf
>    Affects Versions: 2.6.0
>            Reporter: Wei-Chiu Chuang
>            Assignee: Zsolt Venczel
>            Priority: Major
>
> HADOOP-10607 added a public API Configuration.getPassword() which reads passwords from
credential provider and then falls back to reading from configuration if one is not available.
> This API has been used throughout Hadoop codebase and downstream applications. It is
understandable for old password configuration keys to fallback to configuration to maintain
backward compatibility. But for new configuration passwords that don't have legacy, there
should be an option to _not_ fallback, because storing passwords in configuration is considered
a bad security practice.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-dev-help@hadoop.apache.org


Mime
View raw message