Nahappan Somasundaram created AMBARI-19427:
----------------------------------------------
Summary: Ambari-server: Annotate PASSWORD properties with an
attribute to indicate that they are credential store aware properties
Key: AMBARI-19427
URL: https://issues.apache.org/jira/browse/AMBARI-19427
Project: Ambari
Issue Type: Task
Reporter: Nahappan Somasundaram
Assignee: Nahappan Somasundaram
In service configuration files, password properties are of type PASSWORD. When
credential store usage is enabled for the feature, all such properties will be
encrypted and placed in the configuration's JCEKS provider and will not be
available in plain text in the command JSON.
However, there are situations where certain password properties should not be
moved into the configuration's JCEKS provider but left as plain text in the
command JSON for clients which are not credential store aware to consume.
To take of this, password properties that are to be moved to JCEKS provider
should be annotated with a new attribute, "keystore" to explicitly indicate
that these properties are credential store aware.
{code}
<property require-input="true">
<name>oozie.service.JPAService.jdbc.password</name>
<value/>
<display-name>Database Password</display-name>
<property-type>PASSWORD</property-type>
<description>
DB user password.
IMPORTANT: if password is emtpy leave a 1 space string, the service trims
the value,
if empty Configuration assumes it is NULL.
</description>
<value-attributes>
<type>password</type>
<overridable>false</overridable>
*<keystore>true</keystore>*
</value-attributes>
<on-ambari-upgrade add="true"/>
</property>
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
