You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Chris Nauroth (JIRA)" <ji...@apache.org> on 2016/01/30 00:52:39 UTC

[jira] [Commented] (HADOOP-11031) Design Document for Credential Provider API

    [ https://issues.apache.org/jira/browse/HADOOP-11031?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15124457#comment-15124457 ] 

Chris Nauroth commented on HADOOP-11031:
----------------------------------------

Hi [~lmccay].  This content looks great.  I have a few suggestions.

# Let's update site.xml to put a link to this page in the left navigation.  This seems to make sense in the Common section, right after the link to HTTP Authentication.
# The last hyperlink in the table of contents doesn't work correctly.  I think it needs to be changed to this.
{code}
     - [The hadoop credential Command](#The_hadoop_credential_Command)
{code}
# Where the {{Configuration#getPassword}} method is mentioned, we can make it a hyperlink to the JavaDocs.
# The document mentions that it will cover "how to create custom providers" and "an example of its use will be included", but I didn't find that.  I assume it just wasn't done yet, so please consider adding it in the next patch revision.  I also think it's acceptable to drop the mention of it and defer that kind of deep customization to a later patch.  I think the initial goal here was to make basic usage easier to understand.
# The table entry for SSL Passwords ends with "Components".  It looks like this was either a leftover word or an uncompleted sentence.
# I think we should discuss how to control the keystore password for the jceks provider ({{HADOOP_CREDSTORE_PASSWORD}} environment variable or {{hadoop.security.credstore.java-keystore-provider.password-file}} configuration property if not in environemnt).

bq. Being that this is a common facility being used by other projects, is it appropriate to include them all in the table of integration points and link to their specific documentation as appropriate?

Yes, I think this makes sense.  I also think it makes sense for the targeted pages to back-link over to CredentialProviderAPI.html, so that their users are guided to the documentation.  That would be a bigger change though obviously.

> Design Document for Credential Provider API
> -------------------------------------------
>
>                 Key: HADOOP-11031
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11031
>             Project: Hadoop Common
>          Issue Type: Bug
>            Reporter: Larry McCay
>            Assignee: Larry McCay
>         Attachments: CredentialProviderAPI.md
>
>
> Provide detailed overview of the design, intent and use of the credential management API.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)