You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Sandor Molnar (JIRA)" <ji...@apache.org> on 2017/12/01 11:06:00 UTC

[jira] [Created] (AMBARI-22571) Handle passwords/sensitive data in Ambari configuration properties

Sandor Molnar created AMBARI-22571:
--------------------------------------

             Summary: Handle passwords/sensitive data in Ambari configuration properties
                 Key: AMBARI-22571
                 URL: https://issues.apache.org/jira/browse/AMBARI-22571
             Project: Ambari
          Issue Type: Task
          Components: ambari-server
            Reporter: Sandor Molnar
            Assignee: Sandor Molnar
            Priority: Minor
             Fix For: trunk


Passwords and other sensitive data stored as values to properties in Ambari configurations need to be masked or not stored in cleartext.

For example, {{ldap-configuration/ambari.ldap.connectivity.trust_store.password}} and ldap-{{configuration/ambari.ldap.connectivity.bind_password}}.

If the Ambari credential store is enabled (which might be by default as of Ambari 3.0.0), the sensitive date can be stored there like we do when sensitive data is to be stored in the ambari.properties file - see {{org.apache.ambari.server.security.encryption.CredentialStoreService}}.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)