Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-15325

Make Configuration#getPasswordFromCredentialsProvider() a public API

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Implemented
    • 2.6.0
    • None
    • conf
    • None

    Description

      HADOOP-10607 added a public API Configuration.getPassword() which reads passwords from credential provider and then falls back to reading from configuration if one is not available.

      This API has been used throughout Hadoop codebase and downstream applications. It is understandable for old password configuration keys to fallback to configuration to maintain backward compatibility. But for new configuration passwords that don't have legacy, there should be an option to not fallback, because storing passwords in configuration is considered a bad security practice.

      Attachments

        Issue Links

          blocks

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-15351 Deprecate all existing password fields in hadoop configuration

          • Major - Major loss of function.
          • Open

          Improvement - An improvement or enhancement to an existing feature or task. HDFS-13366 Deprecate all existing password fields in hdfs configuration

          • Major - Major loss of function.
          • Open
          is related to

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-12862 LDAP Group Mapping over SSL can not specify trust store

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              zvenczel Zsolt Venczel
              weichiu Wei-Chiu Chuang
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: