You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sqoop.apache.org by Shashank Tandon <st...@expedia.com> on 2016/01/25 12:24:17 UTC

Review Request 42714: Review for issue SQOOP-2801:Secure RDBMS password in Sqoop Metastore in a encrypted form

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/42714/
-----------------------------------------------------------

Review request for Sqoop and Jarek Cecho.


Repository: sqoop-trunk


Description
-------

Currently Sqoop store password in the sqoop metastore in the form of plain text.While running command,
sqoop job --show <job_name> , password becomes visible as plain text.Also anyone can see the password in metastore db since it is visible in a plain text.In order to provide more security, CryptoFileLoader class is extended to store password in metastore in encrypted form.Sqoop will decrypt the password during exec job.In case of show job , the password will be visible as encrypted manner.User can pass any algorithm and passphrase to encrypt the password in a similar way as it happens in case of storing password in the File.


Diffs
-----

  src/java/org/apache/sqoop/metastore/hsqldb/HsqldbJobStorage.java a0f29fd 
  src/java/org/apache/sqoop/tool/JobTool.java 4359058 
  src/java/org/apache/sqoop/util/CredentialsUtil.java 5b5375e 
  src/java/org/apache/sqoop/util/password/CryptoFileLoader.java 7241aa5 
  src/java/org/apache/sqoop/util/password/FilePasswordLoader.java 7f0c8b4 
  src/java/org/apache/sqoop/util/password/PasswordLoader.java 6515a1d 

Diff: https://reviews.apache.org/r/42714/diff/


Testing
-------

YES


Thanks,

Shashank Tandon