[jira] [Commented] (HBASE-11810) Access SSL Passwords through Credential Provider API

Andrew Purtell (JIRA) Thu, 28 Aug 2014 14:41:51 -0700

    [ 
https://issues.apache.org/jira/browse/HBASE-11810?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14114399#comment-14114399
 ]


Andrew Purtell commented on HBASE-11810:
----------------------------------------

Patch lgtm.

I can test this with the latest branch-2? Let me try that and report back.

> Access SSL Passwords through Credential Provider API
> ----------------------------------------------------
>
>                 Key: HBASE-11810
>                 URL: https://issues.apache.org/jira/browse/HBASE-11810
>             Project: HBase
>          Issue Type: Improvement
>          Components: security
>            Reporter: Larry McCay
>         Attachments: HBASE_11810.patch
>
>
> HADOOP-10607 introduced the credential provider API for allowing passwords 
> and other sensitive configuration items to be stored in an external provider.
> RESTServer is accessing passwords stored in clear text in Configuration 
> through the standard get() method. By using the new Configuration.getPassword 
> method instead, the credential provider API will be checked first then fall 
> back to clear text - when allowed.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Commented] (HBASE-11810) Access SSL Passwords through Credential Provider API

Reply via email to