
How to hash password when accessing Elasticsearch

I have a question regarding Elasticsearch. I use Search Guard for transport layer security, and when I want to read data from Elasticsearch I have to give a username and password, just like this:

import org.apache.spark.{SparkConf, SparkContext}
import org.elasticsearch.spark._

object ReadDataFromES {
  def main(args: Array[String]): Unit = {
    val conf = new SparkConf()
      .setAppName("SampleESApp")
      .set("es.index.auto.create", "true")
      .set("es.nodes", "localhost:9200")
      .set("es.net.http.auth.user", "elastic_user")
      // Plain-text password in source: this is the line the question is about
      .set("es.net.http.auth.pass", "elastic_password")
    val sc = new SparkContext(conf)

    print("Reading data \n\n\n")
    val RDD = sc.esRDD("bank/account")
    println(RDD.first())
    println("\n\n")
    /*
    print("Writing data \n\n\n")
    RDD.saveToEs("bank/spark")
    */
  }
}

But the problem is that I don't want to have the password (the value of the es.net.http.auth.pass parameter) as plain text in my code. Does anyone know a way to hash this password?

There is a common pattern for separating authentication information from the code base. You need to store such information somewhere else that is not controlled by, or is ignored by, the version control system, and then implement a way to access it in code.

For example, you can store your username and password for Elasticsearch in a JSON file, which is ignored by git or whatever other VCS you use. Then in your code just read the JSON file, parse the username and password, and give them to the connection configuration. So the username and password remain only local. If you need to run the code in another place, you just need to create a JSON file with the appropriate username and password there.
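The JSON-file approach from the answer above, as an added example that is not part of the original post: it reads the credentials at runtime and refuses a file that anyone but the owner can access. The variable name ES_CREDENTIALS_FILE and the keys "user" and "pass" are assumptions, as is using the Jackson library that Spark already ships on its classpath.

```scala
import java.nio.file.{Files, Paths}
import java.nio.file.attribute.PosixFilePermissions

import com.fasterxml.jackson.databind.ObjectMapper
import org.apache.spark.{SparkConf, SparkContext}
import org.elasticsearch.spark._

object ReadDataFromESWithCredentialFile {

  /** Load (user, password) from a JSON file such as {"user": "...", "pass": "..."}. */
  def loadCredentials(file: String): (String, String) = {
    val path = Paths.get(file)
    // Refuse a file that group or others can access. POSIX file systems only:
    // getPosixFilePermissions throws UnsupportedOperationException elsewhere.
    val perms = Files.getPosixFilePermissions(path)
    require(PosixFilePermissions.fromString("rw-------").containsAll(perms),
      s"$file must be owner-only (chmod 600), found $perms")

    val json = new ObjectMapper().readTree(path.toFile)
    require(json != null && json.hasNonNull("user") && json.hasNonNull("pass"),
      s"$file must contain the keys 'user' and 'pass'")
    (json.get("user").asText(), json.get("pass").asText())
  }

  def main(args: Array[String]): Unit = {
    // ES_CREDENTIALS_FILE is a hypothetical variable name; the file it points
    // to lives outside the repository (or is listed in .gitignore).
    val file = sys.env.getOrElse("ES_CREDENTIALS_FILE",
      sys.error("ES_CREDENTIALS_FILE is not set"))
    val (user, pass) = loadCredentials(file)

    val conf = new SparkConf()
      .setAppName("SampleESApp")
      .set("es.nodes", "localhost:9200")
      .set("es.net.http.auth.user", user)
      // The connector needs the real password for HTTP authentication,
      // so it is supplied at runtime instead of being written in source.
      .set("es.net.http.auth.pass", pass)
    val sc = new SparkContext(conf)
    try println(sc.esRDD("bank/account").first())
    finally sc.stop()
  }
}
```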

You can store the password as encrypted text, and then decrypt it when you need to use it. For instance, see How to encrypt and decrypt String with my passphrase in Java (Pc not mobile platform)?

Or, see this answer:

val encryptedPassword = BCrypt.hashpw(password.trim(), BCrypt.gensalt())

https://stackoverflow.com/questions/43189900/hash-salt-and-save-password-slick

BCrypt is available (for instance) from Spring

http://docs.spring.io/spring-security/site/docs/current/apidocs/org/springframework/security/crypto/bcrypt/BCrypt.html
