Wei-Chiu Chuang created HADOOP-15325:
----------------------------------------
Summary: Add an option to make Configuration.getPassword() not to
fallback to read passwords from configuration.
Key: HADOOP-15325
URL: https://issues.apache.org/jira/browse/HADOOP-15325
Project: Hadoop Common
Issue Type: Improvement
Components: conf
Affects Versions: 2.6.0
Reporter: Wei-Chiu Chuang
Assignee: Wei-Chiu Chuang
HADOOP-10607 added a public API Configuration.getPassword() which reads
passwords from credential provider and then falls back to reading from
configuration if one is not available.
This API has been used throughout Hadoop codebase and downstream applications.
It is understandable for old password configuration keys to fallback to
configuration to maintain backward compatibility. But for new configuration
passwords that don't have legacy, there should be an option to _not_ fallback,
because storing passwords in configuration is considered a bad security
practice.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
