|
|
-
When use import tool to connect a database, is it possible to store the username and password in a separate properties file for security?
sam liu 2013-02-18, 02:43
Hi Experts,
Is it possible or has any other similar methods? Because we really want to
hide all connection related parameters like username/password in a
properties file, for improving security. Our Sqoop version is 1.4.2.
Thanks!
Sam Liu
-
Re: When use import tool to connect a database, is it possible to store the username and password in a separate properties file for security?
Jarek Jarcec Cecho 2013-02-18, 02:53
Hi Sam,
unfortunately this is not possible with Sqoop 1. However we've redesigned the architecture in Sqoop 2 to allow this. It's yet there, but it will be quite soon.
Jarcec
On Mon, Feb 18, 2013 at 10:43:26AM +0800, sam liu wrote:
> Hi Experts,
>
> Is it possible or has any other similar methods? Because we really want to
> hide all connection related parameters like username/password in a
> properties file, for improving security. Our Sqoop version is 1.4.2.
>
> Thanks!
>
> Sam Liu
-
Re: When use import tool to connect a database, is it possible to store the username and password in a separate properties file for security?
sam liu 2013-02-18, 03:03
Thanks, Jarek!
And, is there any JIRA for tracking this?
Sam Liu
2013/2/18 Jarek Jarcec Cecho <[EMAIL PROTECTED]>
> Hi Sam,
> unfortunately this is not possible with Sqoop 1. However we've redesigned
> the architecture in Sqoop 2 to allow this. It's yet there, but it will be
> quite soon.
>
> Jarcec
>
> On Mon, Feb 18, 2013 at 10:43:26AM +0800, sam liu wrote:
> > Hi Experts,
> >
> > Is it possible or has any other similar methods? Because we really want
> to
> > hide all connection related parameters like username/password in a
> > properties file, for improving security. Our Sqoop version is 1.4.2.
> >
> > Thanks!
> >
> > Sam Liu
>
-
Re: When use import tool to connect a database, is it possible to store the username and password in a separate properties file for security?
Jarek Jarcec Cecho 2013-02-18, 03:09
Yes indeed it is - SQOOP-895 [1]. Jarcec Links: 1: https://issues.apache.org/jira/browse/SQOOP-895On Mon, Feb 18, 2013 at 11:03:28AM +0800, sam liu wrote: > Thanks, Jarek! > > And, is there any JIRA for tracking this? > > Sam Liu > > 2013/2/18 Jarek Jarcec Cecho <[EMAIL PROTECTED]> > > > Hi Sam, > > unfortunately this is not possible with Sqoop 1. However we've redesigned > > the architecture in Sqoop 2 to allow this. It's yet there, but it will be > > quite soon. > > > > Jarcec > > > > On Mon, Feb 18, 2013 at 10:43:26AM +0800, sam liu wrote: > > > Hi Experts, > > > > > > Is it possible or has any other similar methods? Because we really want > > to > > > hide all connection related parameters like username/password in a > > > properties file, for improving security. Our Sqoop version is 1.4.2. > > > > > > Thanks! > > > > > > Sam Liu > >
-
Re: When use import tool to connect a database, is it possible to store the username and password in a separate properties file for security?
sam liu 2013-02-18, 04:50
Got it. And is there any plan to support Netezza? 2013/2/18 Jarek Jarcec Cecho <[EMAIL PROTECTED]> > Yes indeed it is - SQOOP-895 [1]. > > Jarcec > > Links: > 1: https://issues.apache.org/jira/browse/SQOOP-895> > On Mon, Feb 18, 2013 at 11:03:28AM +0800, sam liu wrote: > > Thanks, Jarek! > > > > And, is there any JIRA for tracking this? > > > > Sam Liu > > > > 2013/2/18 Jarek Jarcec Cecho <[EMAIL PROTECTED]> > > > > > Hi Sam, > > > unfortunately this is not possible with Sqoop 1. However we've > redesigned > > > the architecture in Sqoop 2 to allow this. It's yet there, but it will > be > > > quite soon. > > > > > > Jarcec > > > > > > On Mon, Feb 18, 2013 at 10:43:26AM +0800, sam liu wrote: > > > > Hi Experts, > > > > > > > > Is it possible or has any other similar methods? Because we really > want > > > to > > > > hide all connection related parameters like username/password in a > > > > properties file, for improving security. Our Sqoop version is 1.4.2. > > > > > > > > Thanks! > > > > > > > > Sam Liu > > > >
-
Re: When use import tool to connect a database, is it possible to store the username and password in a separate properties file for security?
abhijeet gaikwad 2013-02-18, 08:35
Hi Sam, Would this option help? --connection-param-file <filename> Read more here - http://sqoop.apache.org/docs/1.4.2/SqoopUserGuide.htmlThanks, Abhijeet On Mon, Feb 18, 2013 at 8:13 AM, sam liu <[EMAIL PROTECTED]> wrote: > Hi Experts, > > Is it possible or has any other similar methods? Because we really want to > hide all connection related parameters like username/password in a > properties file, for improving security. Our Sqoop version is 1.4.2. > > Thanks! > > Sam Liu >
-
Re: When use import tool to connect a database, is it possible to store the username and password in a separate properties file for security?
Jarek Jarcec Cecho 2013-02-18, 15:59
The parameter --connection-param-file is more targeting user experience than a security. It can be used to hide password from command line to a file similarly as parameter -P. However it's worth mentioning that the password will still be serialized into JobConf and thus openly available to all users that have access to the JobTracker. Jarcec On Mon, Feb 18, 2013 at 02:05:06PM +0530, abhijeet gaikwad wrote: > Hi Sam, > Would this option help? > > --connection-param-file <filename> > > Read more here - http://sqoop.apache.org/docs/1.4.2/SqoopUserGuide.html> > Thanks, > Abhijeet > > On Mon, Feb 18, 2013 at 8:13 AM, sam liu <[EMAIL PROTECTED]> wrote: > > > Hi Experts, > > > > Is it possible or has any other similar methods? Because we really want to > > hide all connection related parameters like username/password in a > > properties file, for improving security. Our Sqoop version is 1.4.2. > > > > Thanks! > > > > Sam Liu > >
-
Re: When use import tool to connect a database, is it possible to store the username and password in a separate properties file for security?
abhijeet gaikwad 2013-02-18, 16:17
Thanks Jarcec. Yes, I agree it is worth a mention that JobConf gives away the password. If they can somehow mitigate the JobConf "password in plaintext" glitch, that should not be the end of world for them. I wanted them to evaluate the way if at all it helps them. Above all, Sqoop 2 is the best way out. Thanks, Abhijeet On Mon, Feb 18, 2013 at 9:29 PM, Jarek Jarcec Cecho <[EMAIL PROTECTED]>wrote: > The parameter --connection-param-file is more targeting user experience > than a security. It can be used to hide password from command line to a > file similarly as parameter -P. However it's worth mentioning that the > password will still be serialized into JobConf and thus openly available to > all users that have access to the JobTracker. > > Jarcec > > On Mon, Feb 18, 2013 at 02:05:06PM +0530, abhijeet gaikwad wrote: > > Hi Sam, > > Would this option help? > > > > --connection-param-file <filename> > > > > Read more here - http://sqoop.apache.org/docs/1.4.2/SqoopUserGuide.html> > > > Thanks, > > Abhijeet > > > > On Mon, Feb 18, 2013 at 8:13 AM, sam liu <[EMAIL PROTECTED]> wrote: > > > > > Hi Experts, > > > > > > Is it possible or has any other similar methods? Because we really > want to > > > hide all connection related parameters like username/password in a > > > properties file, for improving security. Our Sqoop version is 1.4.2. > > > > > > Thanks! > > > > > > Sam Liu > > > >
|
|
