You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zeppelin.apache.org by "Suchit gupta (Jira)" <ji...@apache.org> on 2021/01/11 17:09:00 UTC
[jira] [Created] (ZEPPELIN-5196) Shiro how to secure the data
source password
Suchit gupta created ZEPPELIN-5196:
--------------------------------------
Summary: Shiro how to secure the data source password
Key: ZEPPELIN-5196
URL: https://issues.apache.org/jira/browse/ZEPPELIN-5196
Project: Zeppelin
Issue Type: Bug
Components: JdbcInterpreter, security
Reporter: Suchit gupta
I have been exploring Apache Shiro with Zeppelin and so far has been able to make authentication work with JdbcRealm but one thing that is not going well is giving the data source password as plain text.
Is there a way to avoid that?
My shiro.ini looks like:
{code:java}
[main]
dataSource = org.postgresql.ds.PGPoolingDataSource
dataSource.serverName = localhost
dataSource.databaseName = dp
dataSource.user = dp_test
dataSource.password = Password123
ps = org.apache.shiro.authc.credential.DefaultPasswordService
pm = org.apache.shiro.authc.credential.PasswordMatcher
pm.passwordService = $ps
jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealmCredentialsMatcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
jdbcRealm.dataSource = $dataSource
jdbcRealm.credentialsMatcher = $pm
shiro.loginUrl = /api/login
[roles]
admin = *
[urls]
/** = authc
{code}
Is there a way to avoid giving data source password as plain text
{noformat}
dataSource.password = Password123{noformat}
?
Would like to give something like: {{$shiro1$SHA-256$500000$YdUEhfDpsx9KLGeyshFegQ==$m+4wcq4bJZo1HqDAGECx50LcEkRZI0zCyq99gtRqZDk=}}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)