[jira] [Commented] (HADOOP-10607) Create an API to Separate Credentials/Password Storage from Applications

Thu, 12 Jun 2014 09:06:15 -0700 

    [ 
https://issues.apache.org/jira/browse/HADOOP-10607?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14029306#comment-14029306
 ] 

Larry McCay commented on HADOOP-10607:
--------------------------------------

I will address the exception and the return style points in another revision of 
the patch.

The use of char[]'s over Strings are an accepted security best practice due to 
Strings being immutable and therefore in memory until GC can clean them up. 
Character arrays may be used and immediately overwritten to reduce the window 
of time that the actual password is in memory. While in practice it is often 
difficult to eliminate all String use for passwords, we shouldn't exacerbate 
the issue by handing out passwords as Strings. At least the consumers should be 
able to whack the password char[]'s when they are done with them.

If we really want to change this then I would suggest we do so in a follow up 
jira.

> Create an API to Separate Credentials/Password Storage from Applications
> ------------------------------------------------------------------------
>
>                 Key: HADOOP-10607
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10607
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: security
>            Reporter: Larry McCay
>            Assignee: Larry McCay
>             Fix For: 3.0.0
>
>         Attachments: 10607-10.patch, 10607-11.patch, 10607-2.patch, 
> 10607-3.patch, 10607-4.patch, 10607-5.patch, 10607-6.patch, 10607-7.patch, 
> 10607-8.patch, 10607-9.patch, 10607.patch
>
>
> As with the filesystem API, we need to provide a generic mechanism to support 
> multiple credential storage mechanisms that are potentially from third 
> parties. 
> We need the ability to eliminate the storage of passwords and secrets in 
> clear text within configuration files or within code.
> Toward that end, I propose an API that is configured using a list of URLs of 
> CredentialProviders. The implementation will look for implementations using 
> the ServiceLoader interface and thus support third party libraries.
> Two providers will be included in this patch. One using the credentials cache 
> in MapReduce jobs and the other using Java KeyStores from either HDFS or 
> local file system. 
> A CredShell CLI will also be included in this patch which provides the 
> ability to manage the credentials within the stores.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to