Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Threaded View
Sqoop >> mail # dev >> Review Request 15192: SQOOP-1223 Enhance the password file capability to enable plugging-in custom loaders


Copy link to this message
-
Re: Review Request 15192: SQOOP-1223 Enhance the password file capability to enable plugging-in custom loaders


> On Nov. 5, 2013, 6:50 p.m., Venkat Ranganathan wrote:
> > This is good to make sure that the scripts can use encrypted passwords and the additional providers can be added to support better way of managing the passwords.   Also, I think it would be nicer to generally support the DB implementations for secure external authentication (atleast in the case of Sqoop) similar to the Oracle wallet support
>
> Jarek Cecho wrote:
>     Yup exactly, the purpose of the JIRA is open the implementation to plug in any custom loader - possibly even some sort of wallet implementation. The provided "CryptoFileLoader" is more an example of advanced loader, as it's merely obfuscating the password I'm expecting that this will not be the last one. Feel free to implement one if you have an idea Venkat :-)
>
> Venkat Ranganathan wrote:
>     i added support for Oracle Wallets :)   But when we have DB external authentication, then we don't need alternate ways to encrypt/obfuscate it as the DB SSO implementations would be different.   That said, I did implement a secure password handler in a previous life.   May be I can do that for DBs not having external authentication features  :)

Totally agreed that there is no need to encrypt/obfuscate password if we have some external authentication available. Sadly not all db vendors might supported that :-/ Anyway, will take a look at your patch about the Oracle Wallets shortly!
- Jarek
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/15192/#review28193
-----------------------------------------------------------
On Nov. 5, 2013, 6:47 p.m., Jarek Cecho wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/15192/
> -----------------------------------------------------------
>
> (Updated Nov. 5, 2013, 6:47 p.m.)
>
>
> Review request for Sqoop.
>
>
> Bugs: SQOOP-1223
>     https://issues.apache.org/jira/browse/SQOOP-1223
>
>
> Repository: sqoop-trunk
>
>
> Description
> -------
>
> I've changed the logic of loading passwords from password file to enable plugging in custom loader. I've also provided example implementation of advanced loader that is able to retrieve the password from encrypted file.
>
>
> Diffs
> -----
>
>   src/java/org/apache/sqoop/SqoopOptions.java 13637b5ef8ddbaa3ac7bbbf920ff24d98b29127f
>   src/java/org/apache/sqoop/tool/BaseSqoopTool.java 9230f82d8727de5e1d97b2846bead230f4d09abd
>   src/java/org/apache/sqoop/util/CredentialsUtil.java 64124693a74ee01fcfcef9f637d60288262ba8f2
>   src/java/org/apache/sqoop/util/password/CryptoFileLoader.java PRE-CREATION
>   src/java/org/apache/sqoop/util/password/FilePasswordLoader.java PRE-CREATION
>   src/java/org/apache/sqoop/util/password/PasswordLoader.java PRE-CREATION
>   src/test/org/apache/sqoop/credentials/TestPassingSecurePassword.java 41a432a6138f7b92dec0d91180a1cd3de9a8b499
>
> Diff: https://reviews.apache.org/r/15192/diff/
>
>
> Testing
> -------
>
> Added unit tests that is testing all out-of-the-box available ECB methods in Java.
>
>
> Thanks,
>
> Jarek Cecho
>
>