hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Abdelnur (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-6986) DistributedFileSystem must get delegation tokens from configured KeyProvider
Date Tue, 02 Sep 2014 22:51:51 GMT

    [ https://issues.apache.org/jira/browse/HDFS-6986?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14118902#comment-14118902
] 

Alejandro Abdelnur commented on HDFS-6986:
------------------------------------------

The changes in {{DistributedFileSystem.java}} should be something like:

{code}
  @Override
  public Token<?>[] addDelegationTokens(String renewer, Credentials credentials) 
      throws IOException {
    Token<?>[] tokens = super.addDelegationTokens(renewer, credentials);
    if (dfs.getKeyProvider() != null) {
      KeyProviderDelegationTokenExtension keyProviderDelegationTokenExtension = 
          KeyProviderDelegationTokenExtension.
              createKeyProviderDelegationTokenExtension(dfs.getKeyProvider());
      Token<?>[] kpTokens = keyProviderDelegationTokenExtension.
          addDelegationTokens(renewer, credentials);
      if (tokens != null && kpTokens != null) {
        Token<?>[] all = new Token<?>[tokens.length + kpTokens.length];
        System.arraycopy(tokens, 0, all, 0, tokens.length);        
        System.arraycopy(kpTokens, 0, all, tokens.length, kpTokens.length);
        tokens = all;
      } else {
        tokens = (tokens != null) ? tokens : kpTokens;
      }
    }
    return tokens;
  }
{code}

And {{DFSClient}} should expose  the keyprovider via a {{getKeyProvider()}} method.


  
 

> DistributedFileSystem must get delegation tokens from configured KeyProvider
> ----------------------------------------------------------------------------
>
>                 Key: HDFS-6986
>                 URL: https://issues.apache.org/jira/browse/HDFS-6986
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: security
>    Affects Versions: 2.6.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Zhe Zhang
>
> {{KeyProvider}} via {{KeyProviderDelegationTokenExtension}} provides delegation tokens.
{{DistributedFileSystem}} should augment the HDFS delegation tokens with the keyprovider ones
so tasks can interact with keyprovider when it is a client/server impl (KMS).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message