sqoop-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hari Shreedharan" <hshreedha...@cloudera.com>
Subject Re: Review Request 15192: SQOOP-1223 Enhance the password file capability to enable plugging-in custom loaders
Date Tue, 05 Nov 2013 00:30:37 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/15192/#review28137
-----------------------------------------------------------



src/java/org/apache/sqoop/util/password/CryptoFileLoader.java
<https://reviews.apache.org/r/15192/#comment54750>

    Looks like the passphrase to the encrypted file is passed through the job config. That
is an not a secure way to pass the password right? Even though this is a simple example, I
think we should make sure that it is as secure as possible.


- Hari Shreedharan


On Nov. 2, 2013, 1:04 a.m., Jarek Cecho wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/15192/
> -----------------------------------------------------------
> 
> (Updated Nov. 2, 2013, 1:04 a.m.)
> 
> 
> Review request for Sqoop.
> 
> 
> Bugs: SQOOP-1223
>     https://issues.apache.org/jira/browse/SQOOP-1223
> 
> 
> Repository: sqoop-trunk
> 
> 
> Description
> -------
> 
> I've changed the logic of loading passwords from password file to enable plugging in
custom loader. I've also provided example implementation of advanced loader that is able to
retrieve the password from encrypted file.
> 
> 
> Diffs
> -----
> 
>   src/java/org/apache/sqoop/SqoopOptions.java 13637b5ef8ddbaa3ac7bbbf920ff24d98b29127f

>   src/java/org/apache/sqoop/tool/BaseSqoopTool.java 9230f82d8727de5e1d97b2846bead230f4d09abd

>   src/java/org/apache/sqoop/util/CredentialsUtil.java 64124693a74ee01fcfcef9f637d60288262ba8f2

>   src/java/org/apache/sqoop/util/password/CryptoFileLoader.java PRE-CREATION 
>   src/java/org/apache/sqoop/util/password/FilePasswordLoader.java PRE-CREATION 
>   src/java/org/apache/sqoop/util/password/PasswordLoader.java PRE-CREATION 
>   src/test/org/apache/sqoop/credentials/TestPassingSecurePassword.java 41a432a6138f7b92dec0d91180a1cd3de9a8b499

> 
> Diff: https://reviews.apache.org/r/15192/diff/
> 
> 
> Testing
> -------
> 
> Added unit tests that is testing all out-of-the-box available ECB methods in Java.
> 
> 
> Thanks,
> 
> Jarek Cecho
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message