Github user vanzin commented on a diff in the pull request:
https://github.com/apache/spark/pull/21548#discussion_r196976257
--- Diff: docs/security.md ---
@@ -446,6 +446,18 @@ replaced with one of the above namespaces.
</tr>
</table>
+Spark also supports retrieving `${ns}.keyPassword`,
`${ns}.keyStorePassword` and `${ns}.trustStorePassword` from
+[Hadoop Credential
Providers](https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/CredentialProviderAPI.html).
+User could store password into credential file and make it accessible by
different components, like:
+
+```
+hadoop credential create spark.ssl.keyPassword -value password \
+ -provider jceks://h...@nn1.example.com:9001/user/backup/ssl.jceks
+```
+
+In the meantime, adding configuration
"hadoop.security.credential.provider.path=jceks://h...@nn1.example.com:9001/user/backup/ssl.jceks"
--- End diff --
Rephrase:
"To configure the location of the credential provider, set the
`hadoop.security.credential.provider.path` config option in the Hadoop
configuration used by Spark."
Your example also kinda looks like a Spark config (which would be
"spark.hadoop.blah"), since Hadoop configs are generally in XML.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org
For additional commands, e-mail: reviews-h...@spark.apache.org
