Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-15325

Make Configuration#getPasswordFromCredentialsProvider() a public API

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Implemented
    • Affects Version/s: 2.6.0
    • Fix Version/s: None
    • Component/s: conf
    • Labels:
      None
    • Target Version/s:

      Description

      HADOOP-10607 added a public API Configuration.getPassword() which reads passwords from credential provider and then falls back to reading from configuration if one is not available.

      This API has been used throughout Hadoop codebase and downstream applications. It is understandable for old password configuration keys to fallback to configuration to maintain backward compatibility. But for new configuration passwords that don't have legacy, there should be an option to not fallback, because storing passwords in configuration is considered a bad security practice.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                zvenczel Zsolt Venczel
                Reporter:
                weichiu Wei-Chiu Chuang
              • Votes:
                0 Vote for this issue
                Watchers:
                9 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: