You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@drill.apache.org by "Dobes Vandermeer (Jira)" <ji...@apache.org> on 2020/01/22 21:04:00 UTC

[jira] [Created] (DRILL-7547) More secure storage for mongodb credentials

Dobes Vandermeer created DRILL-7547:
---------------------------------------

             Summary: More secure storage for mongodb credentials
                 Key: DRILL-7547
                 URL: https://issues.apache.org/jira/browse/DRILL-7547
             Project: Apache Drill
          Issue Type: Improvement
          Components: Storage - MongoDB
    Affects Versions: 1.17.0
            Reporter: Dobes Vandermeer


Currently you can sort of "hide" S3 AWS credentials in core-site.xml, but for the mongodb connection the username and password are accessible from the Web UI and API because it is placed in the configuration for the storage plugin.

I wonder if it would be possible to store the username and password used for mongodb connection in a more secure manner, maybe it could be encrypted when you first save it, then even if you look at the configuration for the mongodb storage plugin you cannot extract the username and password.

 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)