hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Varun Vasudev (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-2373) WebAppUtils Should Use configuration.getPassword for Accessing SSL Passwords
Date Fri, 08 Aug 2014 11:29:17 GMT

    [ https://issues.apache.org/jira/browse/YARN-2373?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14090659#comment-14090659
] 

Varun Vasudev commented on YARN-2373:
-------------------------------------

[~lmccay] thanks for the patch! Some general questions(since this is part of a larger effort)
-
1. For the null case(where the WebAppUtils.getPassword() returns null), should we add a warning
or an audit log that someone was trying to get a password that was null?
2. Will you update documentation in another ticket(just to let users know that they can use
a CredentialProvider instead of using plain text)?

Other than that, it looks good to me.

> WebAppUtils Should Use configuration.getPassword for Accessing SSL Passwords
> ----------------------------------------------------------------------------
>
>                 Key: YARN-2373
>                 URL: https://issues.apache.org/jira/browse/YARN-2373
>             Project: Hadoop YARN
>          Issue Type: Bug
>            Reporter: Larry McCay
>         Attachments: YARN-2373.patch, YARN-2373.patch, YARN-2373.patch
>
>
> As part of HADOOP-10904, this jira represents a change to WebAppUtils to uptake the use
of the credential provider API through the new method on Configuration called getPassword.
> This provides an alternative to storing the passwords in clear text within the ssl-server.xml
file while maintaining backward compatibility with that behavior.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message