[GitHub] zeppelin pull request #1315: [ZEPPELIN-530] Added changes for Credential Pro...

[rconline]

GitHub user rconline opened a pull request:

    https://github.com/apache/zeppelin/pull/1315

    [ZEPPELIN-530] Added changes for Credential Provider, using hadoop commons 
Credential apis

    ### What is this PR for?
    This is the first step in order to ensure clear text passwords are not 
stored in the configuration files. To start with this PR will take care of 
getting AD system password from the .jceks file, configured by the user 
specified in the shiro.ini file. Going forward the same keystore can be used to 
read passwords for other systems as well. 
    
    If the hadoopSecurityCredentialPath path is present and not empty in the 
shiro.ini, then the password is read from the keystore file and it need not be 
stored inside the shiro.ini file. 
    
    
    ### What type of PR is it?
    [ Improvement]
    
    ### What is the Jira issue?
    https://issues.apache.org/jira/browse/ZEPPELIN-530
    
    
    ### How should this be tested?
    Create a keystore file using the hadoop credential commandline, for this 
the hadoop commons should be in the classpath
    
    `hadoop credential create systempassword -provider 
jceks://user/zeppelin/zeppelin.jceks`
    
    Change the following values in the Shiro.ini file, and uncomment the line:
    
    `activeDirectoryRealm.hadoopSecurityCredentialPath = 
jceks://user/zeppelin/zeppelin.jceks`
    
    ### Questions:
    * Does the licenses files need update?
    No
    * Is there breaking changes for older versions?
    No. This is an additional option. 
    * Does this needs documentation?
    Yes
    
    ### Tasks
    * Documentation
    


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/rconline/zeppelin ZEPPELIN-530

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/zeppelin/pull/1315.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #1315
    
----
commit cfecf74215c22cdde94aa6a60a8ac372afc8cfdc
Author: Rohit Choudhary <rconl...@gmail.com>
Date:   2016-08-10T11:01:29Z

    [ZEPPELIN-530] Added changes for Credential Provider, using hadoop commons 
and credential api's.

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---