hadoop-common-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ste...@apache.org
Subject hadoop git commit: HADOOP-12804. Read Proxy Password from Credential Providers in S3 FileSystem. Contributed by Larry McCay.
Date Fri, 25 Nov 2016 13:35:28 GMT
Repository: hadoop
Updated Branches:
  refs/heads/branch-2.8 c9297b608 -> db37ad0eb


HADOOP-12804. Read Proxy Password from Credential Providers in S3 FileSystem. Contributed
by Larry McCay.


Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/db37ad0e
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/db37ad0e
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/db37ad0e

Branch: refs/heads/branch-2.8
Commit: db37ad0ebfe8938a98e1c9ab26235c496645ca9a
Parents: c9297b6
Author: Steve Loughran <stevel@apache.org>
Authored: Fri Nov 25 13:33:32 2016 +0000
Committer: Steve Loughran <stevel@apache.org>
Committed: Fri Nov 25 13:33:32 2016 +0000

----------------------------------------------------------------------
 .../apache/hadoop/fs/s3a/S3ClientFactory.java   | 15 ++++++---
 .../hadoop/fs/s3a/ITestS3AConfiguration.java    | 33 ++++++++++++++++++++
 2 files changed, 43 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hadoop/blob/db37ad0e/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/S3ClientFactory.java
----------------------------------------------------------------------
diff --git a/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/S3ClientFactory.java
b/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/S3ClientFactory.java
index 0a4dd02..9795635 100644
--- a/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/S3ClientFactory.java
+++ b/hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/S3ClientFactory.java
@@ -118,7 +118,8 @@ interface S3ClientFactory {
      * @throws IllegalArgumentException if misconfigured
      */
     private static void initProxySupport(Configuration conf,
-        ClientConfiguration awsConf) throws IllegalArgumentException {
+        ClientConfiguration awsConf)
+            throws IllegalArgumentException, IOException {
       String proxyHost = conf.getTrimmed(PROXY_HOST, "");
       int proxyPort = conf.getInt(PROXY_PORT, -1);
       if (!proxyHost.isEmpty()) {
@@ -135,7 +136,11 @@ interface S3ClientFactory {
           }
         }
         String proxyUsername = conf.getTrimmed(PROXY_USERNAME);
-        String proxyPassword = conf.getTrimmed(PROXY_PASSWORD);
+        String proxyPassword = null;
+        char[] proxyPass = conf.getPassword(PROXY_PASSWORD);
+        if (proxyPass != null) {
+          proxyPassword = new String(proxyPass).trim();
+        }
         if ((proxyUsername == null) != (proxyPassword == null)) {
           String msg = "Proxy error: " + PROXY_USERNAME + " or " +
               PROXY_PASSWORD + " set without the other.";
@@ -147,11 +152,11 @@ interface S3ClientFactory {
         awsConf.setProxyDomain(conf.getTrimmed(PROXY_DOMAIN));
         awsConf.setProxyWorkstation(conf.getTrimmed(PROXY_WORKSTATION));
         if (LOG.isDebugEnabled()) {
-          LOG.debug("Using proxy server {}:{} as user {} with password {} on " +
-                  "domain {} as workstation {}", awsConf.getProxyHost(),
+          LOG.debug("Using proxy server {}:{} as user {} on " +
+                "domain {} as workstation {}", awsConf.getProxyHost(),
               awsConf.getProxyPort(),
               String.valueOf(awsConf.getProxyUsername()),
-              awsConf.getProxyPassword(), awsConf.getProxyDomain(),
+              awsConf.getProxyDomain(),
               awsConf.getProxyWorkstation());
         }
       } else if (proxyPort >= 0) {

http://git-wip-us.apache.org/repos/asf/hadoop/blob/db37ad0e/hadoop-tools/hadoop-aws/src/test/java/org/apache/hadoop/fs/s3a/ITestS3AConfiguration.java
----------------------------------------------------------------------
diff --git a/hadoop-tools/hadoop-aws/src/test/java/org/apache/hadoop/fs/s3a/ITestS3AConfiguration.java
b/hadoop-tools/hadoop-aws/src/test/java/org/apache/hadoop/fs/s3a/ITestS3AConfiguration.java
index 1d00001..baf0f79 100644
--- a/hadoop-tools/hadoop-aws/src/test/java/org/apache/hadoop/fs/s3a/ITestS3AConfiguration.java
+++ b/hadoop-tools/hadoop-aws/src/test/java/org/apache/hadoop/fs/s3a/ITestS3AConfiguration.java
@@ -174,6 +174,39 @@ public class ITestS3AConfiguration {
   }
 
   @Test
+  public void testProxyPasswordFromCredentialProvider() throws Exception {
+    ClientConfiguration awsConf = new ClientConfiguration();
+    // set up conf to have a cred provider
+    final Configuration conf2 = new Configuration();
+    final File file = tempDir.newFile("test.jks");
+    final URI jks = ProviderUtils.nestURIForLocalJavaKeyStoreProvider(
+        file.toURI());
+    conf2.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH,
+        jks.toString());
+
+    provisionProxyPassword(conf2, "password");
+
+    // let's set the password in config and ensure that it uses the credential
+    // provider provisioned value instead.
+    conf2.set(Constants.PROXY_PASSWORD, "passwordLJM");
+    char[] pwd = conf2.getPassword(Constants.PROXY_PASSWORD);
+    assertNotNull("Proxy password should not retrun null.", pwd);
+    if (pwd != null) {
+      assertEquals("Proxy password override did NOT work.", "password",
+          new String(pwd));
+    }
+  }
+
+  void provisionProxyPassword(final Configuration conf2, String pwd)
+      throws Exception {
+    // add our password to the provider
+    final CredentialProvider provider =
+        CredentialProviderFactory.getProviders(conf2).get(0);
+    provider.createCredentialEntry(Constants.PROXY_PASSWORD, pwd.toCharArray());
+    provider.flush();
+  }
+
+  @Test
   public void testUsernameInconsistentWithPassword() throws Exception {
     conf = new Configuration();
     conf.setInt(Constants.MAX_ERROR_RETRIES, 2);


---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org


Mime
View raw message