[DRILL-7547] More secure storage for mongodb credentials - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.17.0
Fix Version/s: 1.18.0
Component/s: Storage - MongoDB
Labels:
- ready-to-commit

Description

Currently you can sort of "hide" S3 AWS credentials in core-site.xml, but for the mongodb connection the username and password are accessible from the Web UI, API, and ZooKeeper API because it is placed in the configuration for the storage plugin.

I wonder if it would be possible to store the username and password used for mongodb connection in a more secure manner, maybe it could be encrypted when you first save it, then even if you look at the configuration for the mongodb storage plugin via the ZooKeeper API you cannot extract the username and password.

Attachments

Issue Links

links to

GitHub Pull Request #2001

Activity

People

Assignee:: Dobes Vandermeer

Reporter:: Dobes Vandermeer

Reviewer:: Arina Ielchiieva

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 22/Jan/20 21:03

Updated:: 02/Mar/20 15:03

Resolved:: 02/Mar/20 15:03