You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@drill.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2020/03/02 11:14:00 UTC
[jira] [Commented] (DRILL-7547) More secure storage for mongodb
credentials
[ https://issues.apache.org/jira/browse/DRILL-7547?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17049108#comment-17049108 ]
ASF GitHub Bot commented on DRILL-7547:
---------------------------------------
arina-ielchiieva commented on issue #2001: DRILL-7547: Support credentials store for mongo connections
URL: https://github.com/apache/drill/pull/2001#issuecomment-593351379
LGTM, +1
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
> More secure storage for mongodb credentials
> -------------------------------------------
>
> Key: DRILL-7547
> URL: https://issues.apache.org/jira/browse/DRILL-7547
> Project: Apache Drill
> Issue Type: Improvement
> Components: Storage - MongoDB
> Affects Versions: 1.17.0
> Reporter: Dobes Vandermeer
> Assignee: Dobes Vandermeer
> Priority: Major
> Fix For: 1.18.0
>
>
> Currently you can sort of "hide" S3 AWS credentials in core-site.xml, but for the mongodb connection the username and password are accessible from the Web UI, API, and ZooKeeper API because it is placed in the configuration for the storage plugin.
> I wonder if it would be possible to store the username and password used for mongodb connection in a more secure manner, maybe it could be encrypted when you first save it, then even if you look at the configuration for the mongodb storage plugin via the ZooKeeper API you cannot extract the username and password.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)