atlas-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vipin Rathor (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ATLAS-1340) Credential Provider utility does not work with fully qualified local/HDFS jceks path
Date Mon, 12 Dec 2016 08:21:58 GMT

    [ https://issues.apache.org/jira/browse/ATLAS-1340?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15741295#comment-15741295
] 

Vipin Rathor commented on ATLAS-1340:
-------------------------------------

Thanks [~svimal2106] !

> Credential Provider utility does not work with fully qualified local/HDFS jceks path
> ------------------------------------------------------------------------------------
>
>                 Key: ATLAS-1340
>                 URL: https://issues.apache.org/jira/browse/ATLAS-1340
>             Project: Atlas
>          Issue Type: Bug
>    Affects Versions: trunk
>            Reporter: Vipin Rathor
>            Priority: Minor
>              Labels: patch, security
>             Fix For: trunk
>
>         Attachments: ATLAS-1340-v2.patch, fix-hdfs-credProvider.patch
>
>
> At present the Atlas Credential Provider utility (./bin/cputil.py) does not work with
credential provider path like jceks://file/local/file/path/file.jceks or jceks://hdfs@namenodehost:port/path/in/hdfs/to/file.jceks
as mentioned in documentation page at http://atlas.apache.org/Security.html (section: Credential
Provider Utility Script)
> Current Behavior:
> cputil.py always creates a credential provider file in local file system at root directory
as follows:
> 1. For the input "jceks://file/local/file/path/file.jceks",
> file created => /jceks:/file/local/file/path/file.jceks
> 2. For the input "jceks://hdfs@namenode.com:8020/path/in/hdfs/to/file.jceks",
> file created => /jceks:/hdfs@namenode.com:8020/path/in/hdfs/to/file.jceks on local
file system
> Expected Behavior:
> 1. For the input "jceks://file/local/file/path/file.jceks",
> file created should be /local/file/path/file.jceks
> 2. For the input "jceks://hdfs@namenode.com:8020/path/in/hdfs/to/file.jceks",
> file created should be /path/in/hdfs/to/file.jceks on the specified HDFS file system.
> Steps to re-create:
> 1. Run ./bin/cputil.py and provide fully qualified path to jceks file as described above.
> Attached is a patch to fix this issue. Tested with both local and HDFS jceks credential
provider path.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message