You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "He Xiaoqiao (JIRA)" <ji...@apache.org> on 2018/07/26 13:17:00 UTC
[jira] [Commented] (HADOOP-10428) JavaKeyStoreProvider should
accept keystore password via configuration falling back to ENV VAR
[ https://issues.apache.org/jira/browse/HADOOP-10428?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16558297#comment-16558297 ]
He Xiaoqiao commented on HADOOP-10428:
--------------------------------------
hi [~tucu00], [~andrew.wang]
in patch [^HADOOP-10428.patch] (05/Apr/14 03:25), I found that add the following source code
{code:java}
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ URL pwdFile = cl.getResource(pwFile);
{code}
My question is why read password about KeyStore file using ClassLoader#getResource, is there some specific consideration?
If I config password path which is not in classpath, file will not be found and read fail. In my opinion, it may be something wrong.
> JavaKeyStoreProvider should accept keystore password via configuration falling back to ENV VAR
> ----------------------------------------------------------------------------------------------
>
> Key: HADOOP-10428
> URL: https://issues.apache.org/jira/browse/HADOOP-10428
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 3.0.0-alpha1
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Priority: Major
> Fix For: 2.6.0
>
> Attachments: HADOOP-10428.patch, HADOOP-10428.patch, HADOOP-10428.patch, HADOOP-10428.patch
>
>
> Currently the password for the {{JavaKeyStoreProvider}} must be set in an ENV VAR.
> Allowing the password to be set via configuration enables applications to interactively ask for the password before initializing the {{JavaKeyStoreProvider}}.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org