You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@atlas.apache.org by "Vipin Rathor (JIRA)" <ji...@apache.org> on 2016/12/07 07:54:58 UTC

[jira] [Updated] (ATLAS-1340) Credential Provider utility does not work with fully qualified local/HDFS jceks path

     [ https://issues.apache.org/jira/browse/ATLAS-1340?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Vipin Rathor updated ATLAS-1340:
--------------------------------
    Attachment: ATLAS-1340-v2.patch

Hi Vimal,
Thank you very much for looking into the patch. I'm attaching a better one with fixed integration test. Please take care of this.
Thanks a lot, cheers !

> Credential Provider utility does not work with fully qualified local/HDFS jceks path
> ------------------------------------------------------------------------------------
>
>                 Key: ATLAS-1340
>                 URL: https://issues.apache.org/jira/browse/ATLAS-1340
>             Project: Atlas
>          Issue Type: Bug
>    Affects Versions: trunk
>            Reporter: Vipin Rathor
>            Priority: Minor
>              Labels: patch, security
>         Attachments: ATLAS-1340-v2.patch, fix-hdfs-credProvider.patch
>
>
> At present the Atlas Credential Provider utility (./bin/cputil.py) does not work with credential provider path like jceks://file/local/file/path/file.jceks or jceks://hdfs@namenodehost:port/path/in/hdfs/to/file.jceks as mentioned in documentation page at http://atlas.apache.org/Security.html (section: Credential Provider Utility Script)
> Current Behavior:
> cputil.py always creates a credential provider file in local file system at root directory as follows:
> 1. For the input "jceks://file/local/file/path/file.jceks",
> file created => /jceks:/file/local/file/path/file.jceks
> 2. For the input "jceks://hdfs@namenode.com:8020/path/in/hdfs/to/file.jceks",
> file created => /jceks:/hdfs@namenode.com:8020/path/in/hdfs/to/file.jceks on local file system
> Expected Behavior:
> 1. For the input "jceks://file/local/file/path/file.jceks",
> file created should be /local/file/path/file.jceks
> 2. For the input "jceks://hdfs@namenode.com:8020/path/in/hdfs/to/file.jceks",
> file created should be /path/in/hdfs/to/file.jceks on the specified HDFS file system.
> Steps to re-create:
> 1. Run ./bin/cputil.py and provide fully qualified path to jceks file as described above.
> Attached is a patch to fix this issue. Tested with both local and HDFS jceks credential provider path.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)