[
https://issues.apache.org/jira/browse/SPARK-24518?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17680513#comment-17680513
]
Ruslan Sabitov commented on SPARK-24518:
----------------------------------------
{quote}One query on this.We've hive-jceks file which is used by hive. Spark
will load hive-site.xml there provioder file permissions are 640 and its fail.
Password should be stored in jceks file which needs to have read access for
all..? and can spark overide this config.?
{quote}
I hit the same issue. Is there any workaround to resolve this issue without
granting permission to jceks file?
> Using Hadoop credential provider API to store password
> ------------------------------------------------------
>
> Key: SPARK-24518
> URL: https://issues.apache.org/jira/browse/SPARK-24518
> Project: Spark
> Issue Type: Improvement
> Components: Spark Core
> Affects Versions: 2.3.0
> Reporter: Saisai Shao
> Assignee: Saisai Shao
> Priority: Minor
> Fix For: 2.4.0
>
>
> Current Spark configs password in a plaintext way, like putting in the
> configuration file or adding as a launch arguments, sometimes such
> configurations like SSL password is configured by cluster admin, which should
> not be seen by user, but now this passwords are world readable to all the
> users.
> Hadoop credential provider API support storing password in a secure way, in
> which Spark could read it in a secure way, so here propose to add support of
> using credential provider API to get password.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
