hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Larry McCay (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HADOOP-12846) Credential Provider Recursive Dependencies
Date Fri, 26 Feb 2016 17:38:18 GMT
Larry McCay created HADOOP-12846:

             Summary: Credential Provider Recursive Dependencies
                 Key: HADOOP-12846
                 URL: https://issues.apache.org/jira/browse/HADOOP-12846
             Project: Hadoop Common
          Issue Type: Bug
            Reporter: Larry McCay
            Assignee: Larry McCay

There are a few credential provider integration points in which the use of a certain type
of provider in a certain filesystem causes a recursive infinite loop. 

For instance, a component such as sqoop can be protecting a db password in a credential provider
within the wasb/azure filesystem. Now that HADOOP-12555 has introduced the ability to protect
the access keys for wasb we suddenly need access to wasb to get the database keys which initiates
the attempt to get the access keys from wasb - since there is a provider path configured for

For such integrations, those in which it doesn't make sense to protect the access keys inside
the thing that we need the keys to access, we need a solution to avoid this recursion - other
than dictating what filesystems can be used by other components.

This patch proposes the ability to scrub the configured provider path of any provider types
that would be incompatible with the integration point. In other words, before calling Configuration.getPassword
for the access keys to wasb, we can remove any configured providers that require access to

This will require some regex expressions that can be used to identify the configuration of
such provider uri's within the provider path parameter.

This message was sent by Atlassian JIRA

View raw message