Posted to issues@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2017/12/01 13:06:00 UTC

[jira] [Commented] (AMBARI-22571) Handle passwords/sensitive data in Ambari configuration properties

    [ https://issues.apache.org/jira/browse/AMBARI-22571?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16274356#comment-16274356 ] 

Robert Levas commented on AMBARI-22571:
---------------------------------------

[~smolnar]...

Password properties in the {{ambari.properties}} file are moved out into a different file. If the Ambari credential store is enabled, sensitive data is stored there, else I believe that it is moved into its own file.

The properties in this case are similar in that they are Ambari-level properties. I suspect many properties will be moved from the {{ambari.properties}} file into the Ambari database, like the LDAP configuration properties. Ideally, the Ambari credential store is set up and the sensitive values can be stored there. However, for now, this is optional. I want to push to make this mandatory as part of the Ambari server setup, but I am not sure if I will get traction on that. Maybe others in the community will chime in.

For now, we need to hide the sensitive data from results in REST API requests. For example, {{GET /api/v1/services/AMBARI/components/AMBARI_SERVER/configurations/ldap-configuration}}. Or maybe even hide the sensitive data from non-Ambari Administrator users.



> Handle passwords/sensitive data in Ambari configuration properties
> ------------------------------------------------------------------
>
>                 Key: AMBARI-22571
>                 URL: https://issues.apache.org/jira/browse/AMBARI-22571
>             Project: Ambari
>          Issue Type: Task
>          Components: ambari-server
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Minor
>              Labels: config, security
>             Fix For: trunk
>
>
> Passwords and other sensitive data stored as values to properties in Ambari configurations need to be masked or not stored in cleartext.
> For example, {{ldap-configuration/ambari.ldap.connectivity.trust_store.password}} and {{ldap-configuration/ambari.ldap.connectivity.bind_password}}.
> If the Ambari credential store is enabled (which might be by default as of Ambari 3.0.0), the sensitive data can be stored there like we do when sensitive data is to be stored in the ambari.properties file - see {{org.apache.ambari.server.security.encryption.CredentialStoreService}}.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)