You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@atlas.apache.org by "Vimal Sharma (JIRA)" <ji...@apache.org> on 2016/12/07 10:55:59 UTC

[jira] [Commented] (ATLAS-1340) Credential Provider utility does not work with fully qualified local/HDFS jceks path

    [ https://issues.apache.org/jira/browse/ATLAS-1340?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15728451#comment-15728451 ] 

Vimal Sharma commented on ATLAS-1340:
-------------------------------------

+1

> Credential Provider utility does not work with fully qualified local/HDFS jceks path
> ------------------------------------------------------------------------------------
>
>                 Key: ATLAS-1340
>                 URL: https://issues.apache.org/jira/browse/ATLAS-1340
>             Project: Atlas
>          Issue Type: Bug
>    Affects Versions: trunk
>            Reporter: Vipin Rathor
>            Priority: Minor
>              Labels: patch, security
>             Fix For: trunk
>
>         Attachments: ATLAS-1340-v2.patch, fix-hdfs-credProvider.patch
>
>
> At present the Atlas Credential Provider utility (./bin/cputil.py) does not work with credential provider path like jceks://file/local/file/path/file.jceks or jceks://hdfs@namenodehost:port/path/in/hdfs/to/file.jceks as mentioned in documentation page at http://atlas.apache.org/Security.html (section: Credential Provider Utility Script)
> Current Behavior:
> cputil.py always creates a credential provider file in local file system at root directory as follows:
> 1. For the input "jceks://file/local/file/path/file.jceks",
> file created => /jceks:/file/local/file/path/file.jceks
> 2. For the input "jceks://hdfs@namenode.com:8020/path/in/hdfs/to/file.jceks",
> file created => /jceks:/hdfs@namenode.com:8020/path/in/hdfs/to/file.jceks on local file system
> Expected Behavior:
> 1. For the input "jceks://file/local/file/path/file.jceks",
> file created should be /local/file/path/file.jceks
> 2. For the input "jceks://hdfs@namenode.com:8020/path/in/hdfs/to/file.jceks",
> file created should be /path/in/hdfs/to/file.jceks on the specified HDFS file system.
> Steps to re-create:
> 1. Run ./bin/cputil.py and provide fully qualified path to jceks file as described above.
> Attached is a patch to fix this issue. Tested with both local and HDFS jceks credential provider path.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)