[
https://issues.apache.org/jira/browse/BEAM-6292?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16798084#comment-16798084
]
Mathieu Blanchard commented on BEAM-6292:
-----------------------------------------
[~iemejia] I think to use a ValueProvider with CassandraIO, I need at least to
add the below method:
{{{color:#205081}public Read<T> withPassword(ValueProvider<String> password)
{{color} }}
Otherwise, the current withPassword() method that expects a String parameter
forces the use of the ValueProvider getter (and therefore the serialization of
the raw password on the staging location), isn't it?
{color:#205081}{{.withPassword(encryptedPassword.get())}}{color}
Did I miss something ?
> PasswordDecrypter: Delay decryption / Avoid serialization
> ---------------------------------------------------------
>
> Key: BEAM-6292
> URL: https://issues.apache.org/jira/browse/BEAM-6292
> Project: Beam
> Issue Type: Improvement
> Components: io-java-cassandra
> Reporter: Mathieu Blanchard
> Assignee: Mathieu Blanchard
> Priority: Minor
> Labels: triaged
> Fix For: 2.12.0
>
> Time Spent: 10h 40m
> Remaining Estimate: 0h
>
> Currently, the password is decrypted before the serialization of the pipeline
> and this causes the raw version to be visible to everyone on the staging
> location.
> To avoid this, we delayed the decryption of the password when connecting to
> the cluster, which ensures that the raw password is never serialized in the
> pipeline.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
