Posted to common-issues@hadoop.apache.org by "Steve Loughran (JIRA)" <ji...@apache.org> on 2018/04/02 12:39:00 UTC

[jira] [Commented] (HADOOP-15325) Make Configuration#getPasswordFromCredentialsProvider() a public API

    [ https://issues.apache.org/jira/browse/HADOOP-15325?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16422210#comment-16422210 ] 

Steve Loughran commented on HADOOP-15325:
-----------------------------------------

[~shv] that JIRA is about HDFS secrets; feel free to do what you want there, as long as changes to hadoop-common aren't made outside of HADOOP-* JIRAs. You are doing the right thing here.

I'm worrying about storing secrets about object stores, where we are still getting people to stop putting secrets in Path URIs (HADOOP-3733). There's a common practice in Spark now for people to set the settings in their Spark conf:

{code}
spark.hadoop.fs.s3a.access.key 
spark.hadoop.fs.s3a.secret.key MySecretKey
{code}

This isn't great, but it's better than before, and if you use session credentials instead then the secrets expire pretty fast.

I don't want to break all this code, especially as the object store connectors are still rolling out their support for JCEKS files.

> Make Configuration#getPasswordFromCredentialsProvider() a public API
> --------------------------------------------------------------------
>
>                 Key: HADOOP-15325
>                 URL: https://issues.apache.org/jira/browse/HADOOP-15325
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: conf
>    Affects Versions: 2.6.0
>            Reporter: Wei-Chiu Chuang
>            Assignee: Zsolt Venczel
>            Priority: Major
>
> HADOOP-10607 added a public API Configuration.getPassword() which reads passwords from a credential provider and then falls back to reading from configuration if one is not available.
> This API has been used throughout the Hadoop codebase and downstream applications. It is understandable for old password configuration keys to fall back to configuration to maintain backward compatibility. But for new configuration passwords that don't have legacy, there should be an option to _not_ fall back, because storing passwords in configuration is considered a bad security practice.



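Added example, not part of the original message or of Hadoop's own code: a sketch of the lookup order the issue description refers to, assuming hadoop-common is on the classpath and a Unix-style temporary path. It uses the global `hadoop.security.credential.clear-text-fallback` setting, which the thread does not mention, to show the no-fallback case; the class name, keystore location and secret values are constructed for illustration.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.alias.CredentialProvider;
import org.apache.hadoop.security.alias.CredentialProviderFactory;

public class PasswordLookupDemo {
  static final String KEY = "fs.s3a.secret.key";
  // Global switch; it applies to every key looked up through getPassword().
  static final String FALLBACK = "hadoop.security.credential.clear-text-fallback";

  // Resolve KEY through Configuration.getPassword() and report what came back.
  static String lookup(Configuration conf) throws IOException {
    char[] pw = conf.getPassword(KEY);
    return pw == null ? "<no password found>" : new String(pw);
  }

  public static void main(String[] args) throws IOException {
    // Constructed keystore location in a fresh temp directory (assumption: Unix paths).
    File dir = Files.createTempDirectory("creds-demo").toFile();
    String providerUri = "jceks://file" + new File(dir, "demo.jceks").getAbsolutePath();

    Configuration conf = new Configuration(false);
    conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUri);

    // Case 1: the secret exists only as clear text in the configuration.
    // The provider has no entry for KEY, so getPassword() falls back to it.
    conf.set(KEY, "clear-text-demo-value"); // constructed value
    System.out.println("config only, fallback allowed:  " + lookup(conf));

    // Case 2: same configuration with the fallback switched off.
    // The clear-text value is still present but is no longer consulted.
    conf.setBoolean(FALLBACK, false);
    System.out.println("config only, fallback disabled: " + lookup(conf));

    // Case 3: store the secret in the JCEKS file; the provider entry is used.
    CredentialProvider provider =
        CredentialProviderFactory.getProviders(conf).get(0);
    provider.createCredentialEntry(KEY, "jceks-demo-value".toCharArray());
    provider.flush();
    System.out.println("entry in JCEKS provider:        " + lookup(conf));
  }
}
```

Because the fallback switch is configuration-wide, turning it off also affects legacy keys that still rely on clear-text values, which is the compatibility concern raised in the comment above.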