Special Note on Parameter main.ldapRealm.contextFactory.systemPassword
The value for this could have one of the following two formats:
plaintextpassword
${ALIAS=ldcSystemPassword}
The first format specifies the password in plain text in the provider configuration. Use of this format should be limited for testing and troubleshooting.
We strongly recommend using the second format
${ALIAS=ldcSystemPassword}
in production. This format
uses an alias for the password stored in credential store. In the
example ${ALIAS=ldcSystemPassword}
, ldcSystemPassword is
the alias for the password stored in credential store.
Assuming the plain text password is “hadoop”, and your topology file name is “hdp.xml”, you would use following command to create the right password alias in credential store.
{GATEWAY_HOME}/bin/knoxcli.sh create-alias ldcSystemPassword --cluster hdp --value hadoop