You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Andrew Purtell (JIRA)" <ji...@apache.org> on 2014/08/23 18:14:11 UTC

[jira] [Commented] (HBASE-11810) Access SSL Passwords through Credential Provider API

    [ https://issues.apache.org/jira/browse/HBASE-11810?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14108044#comment-14108044 ] 

Andrew Purtell commented on HBASE-11810:
----------------------------------------

Sounds good [~lmccay], do you intend to attach a patch? If so, it needs to work with older Hadoop 2.x versions that might be missing an API in newer 2.x. 

> Access SSL Passwords through Credential Provider API
> ----------------------------------------------------
>
>                 Key: HBASE-11810
>                 URL: https://issues.apache.org/jira/browse/HBASE-11810
>             Project: HBase
>          Issue Type: Improvement
>          Components: security
>            Reporter: Larry McCay
>
> HADOOP-10607 introduced the credential provider API for allowing passwords and other sensitive configuration items to be stored in an external provider.
> RESTServer is accessing passwords stored in clear text in Configuration through the standard get() method. By using the new Configuration.getPassword method instead, the credential provider API will be checked first then fall back to clear text - when allowed.



--
This message was sent by Atlassian JIRA
(v6.2#6252)