You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Steve Loughran (JIRA)" <ji...@apache.org> on 2017/06/16 17:14:00 UTC

[jira] [Commented] (HADOOP-14135) Remove URI parameter in AWSCredentialProvider constructors

    [ https://issues.apache.org/jira/browse/HADOOP-14135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16052150#comment-16052150 ] 

Steve Loughran commented on HADOOP-14135:
-----------------------------------------

you know, I'm staring at the code wondering if "should we have preserved the URI?".  Why? Because I'd like to know the name of the bucket I'm connecting to, which was part of that URI.

What do people think about me adding the bucket name *and only the bucket name* as a property in the configuration. That way, no secrets get into the path, and anything which wants the bucket can look it up?

> Remove URI parameter in AWSCredentialProvider constructors
> ----------------------------------------------------------
>
>                 Key: HADOOP-14135
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14135
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/s3
>            Reporter: Mingliang Liu
>            Assignee: Mingliang Liu
>             Fix For: 2.9.0, 3.0.0-alpha4, 2.8.2
>
>         Attachments: HADOOP-14135.000.patch, HADOOP-14135.001.patch, HADOOP-14135.002.patch, HADOOP-14135.003.patch
>
>
> This was from comment in [HADOOP-13252].
> It looks like the URI parameter is not needed for our AWSCredentialProvider constructors. This was useful because we relied on URI parameter for retrieving user:pass. Now in binding URIs, we have
> {code}
> 279 S3xLoginHelper.Login creds = getAWSAccessKeys(binding, conf);
> 280	      credentials.add(new BasicAWSCredentialsProvider(
> 281	              creds.getUser(), creds.getPassword()));
> {code}
> This way, we only need configuration object (if necessary) for all AWSCredentialProvider implementations. The benefit is that, if we create AWSCredentialProvider list for DynamoDB, we don't have to pass down the associated file system URI. This might be useful to S3Guard tools.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org