Details
-
Sub-task
-
Status: Resolved
-
Major
-
Resolution: Won't Do
-
None
-
None
-
None
Description
Normally keys have to be stored in a central location using custom key management system. organizations can implement KeyProvider to integrate their custom key management system to Hadoop. This interface is specified in MAPREDUCE-4550
Optionally , developers can use Safe to integrate custom key management system with Hadoop.
Safe is an open source web service based keystore to securely store secret keys and passwords.
Safe authenticates the user using SPNego, checks whether the user is authorized to read the secret and returns the secret.
It is easy to plug in different mechanisms for authentication,authorization and Key storage.
Safe is kept as a separate open source project at (http://benoyantony.github.com/safe/)
The hadoop proxy to safe is added as a contrib project - hadoop-safe.