You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sqoop.apache.org by Shashank Tandon <st...@expedia.com> on 2016/01/25 12:24:17 UTC
Review Request 42714: Review for issue SQOOP-2801:Secure RDBMS
password in Sqoop Metastore in a encrypted form
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/42714/
-----------------------------------------------------------
Review request for Sqoop and Jarek Cecho.
Repository: sqoop-trunk
Description
-------
Currently Sqoop store password in the sqoop metastore in the form of plain text.While running command,
sqoop job --show <job_name> , password becomes visible as plain text.Also anyone can see the password in metastore db since it is visible in a plain text.In order to provide more security, CryptoFileLoader class is extended to store password in metastore in encrypted form.Sqoop will decrypt the password during exec job.In case of show job , the password will be visible as encrypted manner.User can pass any algorithm and passphrase to encrypt the password in a similar way as it happens in case of storing password in the File.
Diffs
-----
src/java/org/apache/sqoop/metastore/hsqldb/HsqldbJobStorage.java a0f29fd
src/java/org/apache/sqoop/tool/JobTool.java 4359058
src/java/org/apache/sqoop/util/CredentialsUtil.java 5b5375e
src/java/org/apache/sqoop/util/password/CryptoFileLoader.java 7241aa5
src/java/org/apache/sqoop/util/password/FilePasswordLoader.java 7f0c8b4
src/java/org/apache/sqoop/util/password/PasswordLoader.java 6515a1d
Diff: https://reviews.apache.org/r/42714/diff/
Testing
-------
YES
Thanks,
Shashank Tandon