You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@falcon.apache.org by "Balu Vellanki (JIRA)" <ji...@apache.org> on 2016/06/06 20:49:21 UTC

[jira] [Updated] (FALCON-1919) Provide user the option to store sensitive information with Hadoop credential provider

     [ https://issues.apache.org/jira/browse/FALCON-1919?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Balu Vellanki updated FALCON-1919:
----------------------------------
    Fix Version/s: 0.10

> Provide user the option to store sensitive information with Hadoop credential provider
> --------------------------------------------------------------------------------------
>
>                 Key: FALCON-1919
>                 URL: https://issues.apache.org/jira/browse/FALCON-1919
>             Project: Falcon
>          Issue Type: New Feature
>            Reporter: Ying Zheng
>            Assignee: Ying Zheng
>             Fix For: trunk, 0.10
>
>
> Sensitive data, e.g. SSL keystore password, SMTP user name and password, Azure service bus SAS key, ActiveMQ server password, etc., are stored as plain text in startup.properties. This JIRA is to provide the user an option to store these sensitive data with Hadoop credential provider for better security.
> The property key of the alias to be resolved through Hadoop credential provider should have the format: hadoop.security.alias.[property-key]. For example, if the alias name for keystore password is "keystorepwd", the user should add "hadoop.security.alias.keystore.password=keystorepwd" in startup.properties.
> The user can specify the provider path with property key "hadoop.security.credential.provider.path". Falcon will use the default provider path in core-site.xml if not specified in startup.properties.
> Note that Falcon will only try to resolve alias if the property value is not set directly in startup.properties.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)