[
https://issues.apache.org/jira/browse/AMBARI-18650?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15629438#comment-15629438
]
Jonathan Maron commented on AMBARI-18650:
-----------------------------------------
Currently there is only handling for writing passwords to the CP store. This
approach is missing Ambari's need to potentially read the passwords from the
configured credential provider. For example, during hive startup the schema
tool is invoked:
{code}
export HIVE_CONF_DIR=/usr/hdp/current/hive-metastore/conf/conf.server ;
/usr/hdp/current/hive-metastore/bin/schematool -initSchema -dbType mysql
-userName hive -passWord [PROTECTED]
{code}
In this instance it would be more appropriate for the agent script to read the
credential from the CP.
> Ambari should be able to manage passwords using a credential store
> ------------------------------------------------------------------
>
> Key: AMBARI-18650
> URL: https://issues.apache.org/jira/browse/AMBARI-18650
> Project: Ambari
> Issue Type: Documentation
> Components: ambari-server
> Affects Versions: 2.5.0
> Reporter: Nahappan Somasundaram
> Assignee: Nahappan Somasundaram
> Fix For: 2.5.0
>
> Attachments: AmbariSupportforCredentialStore.pdf
>
>
> With Credential API many Hadoop components allow referring to password that
> are encrypted and stored in a credential store.
> Example: SSL Passwords for HBase, Oozie, etc
> Ambari should support the use of hadoop credential store to manage such
> passwords.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
