forked from azkaban/azkaban
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding Principle of Least Priviledge Security model for Keystore Mana… (
azkaban#3216) * Adding Principle of Least Priviledge Security model for Keystore Manager and for in-memory Security Certificates * Reverting Kafka relevant changes from POLP change * Addressing PR comment - > Added default value for use.polp.keystores and bter naming conventions along with saving extra DB call. * Added security init image name using local variable
- Loading branch information
Showing
9 changed files
with
125 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
23 changes: 23 additions & 0 deletions
23
...oop-security-plugin/src/main/java/azkaban/security/CredentialProviderWithKeyStoreMap.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
package azkaban.security; | ||
|
||
import java.security.KeyStore; | ||
import java.util.Map; | ||
import javax.annotation.Nonnull; | ||
|
||
|
||
public interface CredentialProviderWithKeyStoreMap extends CredentialProvider { | ||
/** | ||
* get KeyStoreMap to be reused within an Azkaban Flow | ||
* | ||
* @return KeyStore | ||
*/ | ||
public Map<String, KeyStore> getKeyStoreMap(); | ||
|
||
/** | ||
* Set KeyStoreMap to be reused within an Azkaban Flow | ||
* | ||
* @return KeyStore | ||
*/ | ||
public void setKeyStoreMap(final @Nonnull Map<String, KeyStore> keyStoreMap); | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters