[
https://issues.apache.org/jira/browse/HADOOP-10428?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13958362#comment-13958362
]
Larry McCay commented on HADOOP-10428:
--------------------------------------
I would agree with that property name change as well.
Just as a comment on the feature itself...
We don't really want to encourage clear text passwords in configuration which
is why this was not done in the initial implementation.
I have plans for password indirection for such usecases.
As long as we don't preclude the ability to support this feature with a
configuration syntax that allows for clear text backward compatibility as well
as an alias based indirection then I am fine with adding this.
What I have in mind is something like
password=clearText vs passoword=${ALIAS=clearText}
This would allow us to determine a config value is an alias and to resolve it
or just use it as backward compatible clear text.
Thoughts?
> JavaKeyStoreProvider should accept keystore password via configuration
> falling back to ENV VAR
> -----------------------------------------------------------------------------------------------
>
> Key: HADOOP-10428
> URL: https://issues.apache.org/jira/browse/HADOOP-10428
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 3.0.0
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Attachments: HADOOP-10428.patch
>
>
> Currently the password for the {{JavaKeyStoreProvider}} must be set in an ENV
> VAR.
> Allowing the password to be set via configuration enables applications to
> interactively ask for the password before initializing the
> {{JavaKeyStoreProvider}}.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
