hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Larry McCay (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-10427) KeyProvider implementations should be thread safe
Date Thu, 03 Apr 2014 00:20:15 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-10427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13958375#comment-13958375
] 

Larry McCay commented on HADOOP-10427:
--------------------------------------

I start getting a little concerned when we are talking about thread safety of these.
Mainly because the JavaKeystoreProvider should not be used as a database.

Initial implementation of the KeyProvider API assumes a rather basic and controlled access
to key management.
We do need to ensure thread safety for these implementations and equally as important for
protection against corrupted keystores.
See: HADOOP-10224

I will add that jira as related.

I would like to consider a more appropriate provider type for access from a KMS as well.

> KeyProvider implementations should be thread safe
> -------------------------------------------------
>
>                 Key: HADOOP-10427
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10427
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 3.0.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Alejandro Abdelnur
>         Attachments: HADOOP-10427.patch, HADOOP-10427.patch
>
>
> The {{KeyProvider}} API should be thread-safe so it can be used safely in server apps.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message