[jira] [Updated] (HADOOP-15157) Zookeeper authentication related properties to support CredentialProviders

Fri, 05 Jan 2018 05:57:24 -0800 

     [ 
https://issues.apache.org/jira/browse/HADOOP-15157?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Gergo Repas updated HADOOP-15157:
---------------------------------
    Description: 
The hadoop.zk.auth and ha.zookeeper.auth properties currently support either a 
plain-text authentication info (in scheme:value format), or a @/path/to/file 
notation which points to a plain-text file.

This ticket proposes that the hadoop.zk.auth and ha.zookeeper.auth properties 
can be retrieved via the CredentialProviderAPI that's been configured using the 
credential.provider.path, with fallback provided to the clear-text value or 
@/path/to/file notation.

  was:
The hadoop.zk.auth and ha.zookeeper.auth properties currently support either a 
plain-text authentication info (in scheme:value format), or a @/path/to/file 
notation which points to a plain-text file.

This ticket proposes that the value of these properties can also be 
CredentialProvider URI-s (such as a jceks or localjceks URI). This allows users 
to point to an encrypted store containing the authentication info.


> Zookeeper authentication related properties to support CredentialProviders
> --------------------------------------------------------------------------
>
>                 Key: HADOOP-15157
>                 URL: https://issues.apache.org/jira/browse/HADOOP-15157
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>            Reporter: Gergo Repas
>            Assignee: Gergo Repas
>            Priority: Minor
>         Attachments: HADOOP-15157.000.patch, HADOOP-15157.001.patch
>
>
> The hadoop.zk.auth and ha.zookeeper.auth properties currently support either 
> a plain-text authentication info (in scheme:value format), or a 
> @/path/to/file notation which points to a plain-text file.
> This ticket proposes that the hadoop.zk.auth and ha.zookeeper.auth properties 
> can be retrieved via the CredentialProviderAPI that's been configured using 
> the credential.provider.path, with fallback provided to the clear-text value 
> or @/path/to/file notation.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to