[ https://issues.apache.org/jira/browse/OOZIE-2771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15837295#comment-15837295 ]
Abhishek Bafna commented on OOZIE-2771: --------------------------------------- Thanks [~asasvari] for the patch and [~gezapeti] [~andras.piros] for the review. Committed to master. > Allow retrieving keystore and truststore passwords from Hadoop Credential > Provider > ---------------------------------------------------------------------------------- > > Key: OOZIE-2771 > URL: https://issues.apache.org/jira/browse/OOZIE-2771 > Project: Oozie > Issue Type: Improvement > Reporter: Attila Sasvari > Assignee: Attila Sasvari > Fix For: 5.0.0 > > Attachments: OOZIE-2771-01.patch > > > Right now passwords for keystore and truststore > ({{oozie.https.keystore.pass}}, {{oozie.https.truststore.pass}}) are stored > in {{oozie-site.xml}} as cleartext. > However, Oozie could take advantage of the Hadoop Credential Provider for > storing and retrieving that passwords similarly how the JDBC password > ({{oozie.service.JPAService.jdbc.password}}) is handled today (see > https://issues.apache.org/jira/browse/OOZIE-2272). > This way keystore and truststore passwords could be masked in oozie-site. > Note: {{ConfigurationService.getPassword}} is worth to look at. -- This message was sent by Atlassian JIRA (v6.3.4#6332)