[SQOOP-1471] Use Hadoop CredentialProvider API to encyrpt passwords at rest - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.4.4, 1.4.5
Fix Version/s: 1.4.6
Component/s: None
Labels:
None
Environment:

Hadoop 2.6.0+

Description

~~HADOOP-10607~~ introduces an API to isolate password Storage from applications. This can be used to provide the DB password in a secure fashion to Sqoop users.

The DB passwords can be assigned an alias and stored in a keystore and the alias can be provided to Sqoop.
Option to provide the password on the command line (using --password-alias) option can be introduced as well as enhance the secure file option that we currently have to provide a new password loader that resolves the alias from keystore.

We need to detect the availability of the Credential Provider feature and use it and fail gracefully otherwise

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending

Attachments

SQOOP-1471.diff
27/Aug/14 04:10
21 kB
Venkat Ranganathan
SQOOP-1471.diff.2
23/Sep/14 07:30
22 kB
Venkat Ranganathan
SQOOP-1471.diff.3
03/Oct/14 03:46
22 kB
Venkat Ranganathan
SQOOP-1471.diff.4
08/Oct/14 04:24
24 kB
Venkat Ranganathan

Issue Links

links to

review board link

Activity

People

Assignee:

Venkat Ranganathan

Reporter:

Venkat Ranganathan

Votes:

0 Vote for this issue

Watchers:

4 Start watching this issue

Dates

Created:

25/Aug/14 23:39

Updated:

08/Oct/14 22:07

Resolved:

08/Oct/14 21:01