hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Larry McCay (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HBASE-11810) Access SSL Passwords through Credential Provider API
Date Thu, 28 Aug 2014 23:03:08 GMT

     [ https://issues.apache.org/jira/browse/HBASE-11810?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Larry McCay updated HBASE-11810:
--------------------------------

    Attachment: HBASE_11810-2.patch

This patches addresses Andrew's review comments and adds appropriate logging. Note that it
indicates that the Configuration getPassword method is used or not. Can't really tell if getPassword
falls back to config or what the underlying provider happens to be - but I think this meets
your requirements.

> Access SSL Passwords through Credential Provider API
> ----------------------------------------------------
>
>                 Key: HBASE-11810
>                 URL: https://issues.apache.org/jira/browse/HBASE-11810
>             Project: HBase
>          Issue Type: Improvement
>          Components: security
>            Reporter: Larry McCay
>            Assignee: Larry McCay
>         Attachments: HBASE_11810-2.patch, HBASE_11810.patch
>
>
> HADOOP-10607 introduced the credential provider API for allowing passwords and other
sensitive configuration items to be stored in an external provider.
> RESTServer is accessing passwords stored in clear text in Configuration through the standard
get() method. By using the new Configuration.getPassword method instead, the credential provider
API will be checked first then fall back to clear text - when allowed.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message