You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@oozie.apache.org by "Peter Cseh (JIRA)" <ji...@apache.org> on 2017/01/12 12:17:52 UTC

[jira] [Commented] (OOZIE-2771) Allow retrieving keystore and truststore passwords from Hadoop Credential Provider

    [ https://issues.apache.org/jira/browse/OOZIE-2771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15820868#comment-15820868 ] 

Peter Cseh commented on OOZIE-2771:
-----------------------------------

+1 (non-binding)

> Allow retrieving keystore and truststore passwords from Hadoop Credential Provider
> ----------------------------------------------------------------------------------
>
>                 Key: OOZIE-2771
>                 URL: https://issues.apache.org/jira/browse/OOZIE-2771
>             Project: Oozie
>          Issue Type: Improvement
>            Reporter: Attila Sasvari
>            Assignee: Attila Sasvari
>         Attachments: OOZIE-2771-01.patch
>
>
> Right now passwords for keystore and truststore ({{oozie.https.keystore.pass}}, {{oozie.https.truststore.pass}}) are stored in {{oozie-site.xml}} as cleartext.
> However, Oozie could take advantage of the Hadoop Credential Provider for storing and retrieving that passwords similarly how the JDBC password ({{oozie.service.JPAService.jdbc.password}}) is handled today (see https://issues.apache.org/jira/browse/OOZIE-2272).
> This way keystore and truststore passwords could be masked in oozie-site.
> Note: {{ConfigurationService.getPassword}} is worth to look at.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)