sqoop-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SQOOP-1471) Use Hadoop CredentialProvider API to encyrpt passwords at rest
Date Wed, 08 Oct 2014 22:07:33 GMT

    [ https://issues.apache.org/jira/browse/SQOOP-1471?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14164266#comment-14164266
] 

Hudson commented on SQOOP-1471:
-------------------------------

SUCCESS: Integrated in Sqoop-ant-jdk-1.6-hadoop200 #945 (See [https://builds.apache.org/job/Sqoop-ant-jdk-1.6-hadoop200/945/])
SQOOP-1471: Use Hadoop CredentialProvider API to encyrpt passwords at rest (abraham: https://git-wip-us.apache.org/repos/asf?p=sqoop.git&a=commit&h=65a9340fc22fcc3c1d2c64b3976994aa1c419b8f)
* src/java/org/apache/sqoop/SqoopOptions.java
* src/test/org/apache/sqoop/credentials/TestPassingSecurePassword.java
* src/java/org/apache/sqoop/tool/BaseSqoopTool.java
* src/java/org/apache/sqoop/util/password/CredentialProviderHelper.java
* src/java/org/apache/sqoop/util/password/FilePasswordLoader.java
* src/docs/user/connecting.txt
* src/java/org/apache/sqoop/util/password/CredentialProviderPasswordLoader.java


> Use Hadoop CredentialProvider API to encyrpt passwords at rest
> --------------------------------------------------------------
>
>                 Key: SQOOP-1471
>                 URL: https://issues.apache.org/jira/browse/SQOOP-1471
>             Project: Sqoop
>          Issue Type: Improvement
>    Affects Versions: 1.4.4, 1.4.5
>         Environment: Hadoop 2.6.0+
>            Reporter: Venkat Ranganathan
>            Assignee: Venkat Ranganathan
>             Fix For: 1.4.6
>
>         Attachments: SQOOP-1471.diff, SQOOP-1471.diff.2, SQOOP-1471.diff.3, SQOOP-1471.diff.4
>
>
> HADOOP-10607 introduces an API to isolate password Storage from applications.   This
can be used to provide the DB password in a secure fashion to Sqoop users.
> The DB passwords can be assigned an alias and stored in a keystore and the alias can
be provided to Sqoop.
> Option to provide the password on the command line (using --password-alias) option can
be introduced as well as enhance the secure file option that we currently have to provide
a new password loader that resolves the alias from keystore.
> We need to detect the availability of the Credential Provider feature and use it and
fail gracefully otherwise



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message