smolnar82 opened a new pull request #381: URL: https://github.com/apache/knox/pull/381
KNOX-2463 - Let end-users customize security algorithm for internal credential stores KNOX-2464 - KnoxCLI should pass GatewayConfig when setting up master secret so that encryptor becomes initialized ## What changes were proposed in this pull request? This PR contains resolution for 3 JIRAs at once (using different commits, of course) as they are related to each other. In these commits, I made sure that: - credential store type is configurable via `gateway-site.xml` (defaults to `JCEKS`) - the algorithm Knox uses when creating an entry in a credential is configurable via `gateway-site.xml` (defaults to `AES`) - fixed the bug in KnoxCLI of not considering inputs from `gateway-site.xml` ## How was this patch tested? Tested manually in a CM managed cluster where I set: ``` gateway.credential.store.type = BCFKS gateway.credential.store.alg = HMACSHA512 gateway.crypto.salt.size = 16 ``` All changes were picked up and Knox functioned as expected. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
