Sandor Molnar created AMBARI-22571: -------------------------------------- Summary: Handle passwords/sensitive data in Ambari configuration properties Key: AMBARI-22571 URL: https://issues.apache.org/jira/browse/AMBARI-22571 Project: Ambari Issue Type: Task Components: ambari-server Reporter: Sandor Molnar Assignee: Sandor Molnar Priority: Minor Fix For: trunk
Passwords and other sensitive data stored as values to properties in Ambari configurations need to be masked or not stored in cleartext. For example, {{ldap-configuration/ambari.ldap.connectivity.trust_store.password}} and ldap-{{configuration/ambari.ldap.connectivity.bind_password}}. If the Ambari credential store is enabled (which might be by default as of Ambari 3.0.0), the sensitive date can be stored there like we do when sensitive data is to be stored in the ambari.properties file - see {{org.apache.ambari.server.security.encryption.CredentialStoreService}}. -- This message was sent by Atlassian JIRA (v6.4.14#64029)