You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Hudson (JIRA)" <ji...@apache.org> on 2018/01/18 18:27:03 UTC

[jira] [Commented] (AMBARI-22571) Handle passwords/sensitive data in Ambari configuration properties

    [ https://issues.apache.org/jira/browse/AMBARI-22571?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16330937#comment-16330937 ] 

Hudson commented on AMBARI-22571:
---------------------------------

FAILURE: Integrated in Jenkins build Ambari-trunk-Commit #8613 (See [https://builds.apache.org/job/Ambari-trunk-Commit/8613/])
AMBARI-22571. Handle passwords/sensitive data in Ambari configuration (rlevas: [https://gitbox.apache.org/repos/asf?p=ambari.git&a=commit&h=297e5b9f81e64dcd46f736f3f10609ecbc1cd7d6])
* (edit) ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProvider.java
* (edit) ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
* (add) ambari-server/src/main/java/org/apache/ambari/server/api/services/RootServiceComponentConfiguration.java
* (edit) ambari-server/src/test/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationResourceProviderTest.java
* (add) ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AmbariServerConfigurationUtils.java
* (edit) ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AmbariServerConfigurationHandler.java
* (edit) ambari-server/src/main/java/org/apache/ambari/server/controller/internal/AmbariServerLDAPConfigurationHandler.java
* (edit) ambari-server/src/main/java/org/apache/ambari/server/controller/internal/RootServiceComponentConfigurationHandler.java
* (edit) ambari-server/src/main/java/org/apache/ambari/server/ldap/domain/AmbariLdapConfigurationKeys.java
* (add) ambari-server/src/main/java/org/apache/ambari/server/configuration/ConfigurationPropertyType.java
* (edit) ambari-server/pom.xml


> Handle passwords/sensitive data in Ambari configuration properties
> ------------------------------------------------------------------
>
>                 Key: AMBARI-22571
>                 URL: https://issues.apache.org/jira/browse/AMBARI-22571
>             Project: Ambari
>          Issue Type: Task
>          Components: ambari-server
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Minor
>              Labels: config, security
>             Fix For: trunk
>
>         Attachments: AMBARI_22571_trunk_01.patch
>
>
> Passwords and other sensitive data stored as values to properties in Ambari configurations need to be masked or not stored in cleartext.
> For example, {{ldap-configuration/ambari.ldap.connectivity.trust_store.password}} and ldap-{{configuration/ambari.ldap.connectivity.bind_password}}.
> If the Ambari credential store is enabled (which might be by default as of Ambari 3.0.0), the sensitive date can be stored there like we do when sensitive data is to be stored in the ambari.properties file - see {{org.apache.ambari.server.security.encryption.CredentialStoreService}}.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)