hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Yang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-14063) Hadoop CredentialProvider fails to load list of keystore files
Date Tue, 18 Apr 2017 16:17:41 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-14063?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15972991#comment-15972991
] 

Eric Yang commented on HADOOP-14063:
------------------------------------

Agree with Yan that FileNotFound exception should not be captured to preserve existing semantic.
 For AccessControlException, it would be right to handle the exception and return false. 
This would be closer to the original implementation.

> Hadoop CredentialProvider fails to load list of keystore files
> --------------------------------------------------------------
>
>                 Key: HADOOP-14063
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14063
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>            Reporter: ramtin
>            Assignee: ramtin
>         Attachments: HADOOP-14063-001.patch, HADOOP-14063-002.patch
>
>
> The {{hadoop.security.credential.provider.path}} property can be a list of keystore files
like this:
> _jceks://hdfs/file1.jceks,jceks://hdfs/file2.jceks,jceks://hdfs/file3.jceks ..._
> Each file can have different permissions set to limit the users that have access to the
keys.  Some users may not have access to all the keystore files.
> Each keystore file in the list should be tried until one is found with the key needed.

> Currently it will throw an exception if one of the keystore files cannot be loaded instead
of continuing to try the next one in the list.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message