访问Elasticsearch时如何对密码进行哈希处理
[英]How to hash password when accesing Elasticsearch
问题描述
I have a question regarding to Elasticsearch. 
我对Elasticsearch有疑问。 I use Search Guard as transport layer security and when I want to read data from elasticsearch I have to give username and password. 我使用Search Guard作为传输层安全性,当我想从elasticsearch读取数据时,我必须提供用户名和密码。 Just like this: 像这样:
import org.apache.spark.{SparkConf, SparkContext}
import org.elasticsearch.spark._
object ReadDataFromES {
def main(args: Array[String]) {
val conf = new SparkConf()
.setAppName("SampleESApp")
.set("es.index.auto.create", "true")
.set("es.nodes", "localhost:9200")
.set("es.net.http.auth.user", "elastic_user")
.set("es.net.http.auth.pass", "elastic_password")
val sc = new SparkContext(conf)
print("Reading data \n\n\n")
val RDD = sc.esRDD("bank/account")
println(RDD.first())
println("\n\n")
/*
print("Writing data \n\n\n")
RDD.saveToEs("bank/spark")
*/
}
}
But the problem is that I don't want to have password (value of es.net.http.auth.pass parameter) as plain text in my code. 但是问题是我不想在代码中将密码(es.net.http.auth.pass参数的值)作为纯文本。 Does anyone know a way to hash this password? 有人知道散列此密码的方法吗?
2 个解决方案
解决方案1
0 2019-03-19 11:39:07
There is a common pattern for splitting authentication information from code base. 有一种常见的模式可用于从代码库中分离身份验证信息。 You need to store such information somewhere else which is not controled or is ignored by the source version control system. 您需要将此类信息存储在源版本控制系统无法控制或忽略的其他位置。 And you implement the way how to access them in code. 然后,您将实现通过代码访问它们的方式。
For example, you can store your username and password for elasticsearch in a json file, which is ignored by git or other VCS you use. 例如,您可以将用于Elasticsearch的用户名和密码存储在json文件中,而git或您使用的其他VCS会将其忽略。 Then in your code just read the json file, parse username and password and give them to the connection configuration. 然后在您的代码中,只需读取json文件,解析用户名和密码,然后将其分配给连接配置即可。 So the username and password remain only local. 因此,用户名和密码仅保留本地。 If you need to run the code in another place you just need to create a json file with appropirate username and password there. 如果您需要在其他地方运行代码,则只需要在其中创建具有正确用户名和密码的json文件即可。
解决方案2
-1 2017-04-03 14:28:16
You can store the password as encrypted text, and then decrypt it when you need to use it. 您可以将密码存储为加密文本,然后在需要使用时解密。 For instance, see How to encrypt and decrypt String with my passphrase in Java (Pc not mobile platform)? 例如,请参阅如何使用Java中的密码短语(非移动平台PC)加密和解密String?
Or, see this answer val encryptedPassword = BCrypt.hashpw(password.trim(),BCrypt.gensalt()) 或者,请参阅此答案val encryptedPassword = BCrypt.hashpw(password.trim(),BCrypt.gensalt())
https://stackoverflow.com/questions/43189900/hash-salt-and-save-password-slick https://stackoverflow.com/questions/43189900/hash-salt-and-save-password-slick
BCrypt is available (for instance) from Spring BCrypt可从Spring获得(例如)
http://docs.spring.io/spring-security/site/docs/current/apidocs/org/springframework/security/crypto/bcrypt/BCrypt.html http://docs.spring.io/spring-security/site/docs/current/apidocs/org/springframework/security/crypto/bcrypt/BCrypt.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.