You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Da Zhou (JIRA)" <ji...@apache.org> on 2018/10/02 22:39:00 UTC
[jira] [Comment Edited] (HADOOP-15795) Making HTTPS as default for
ABFS
[ https://issues.apache.org/jira/browse/HADOOP-15795?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16636188#comment-16636188 ]
Da Zhou edited comment on HADOOP-15795 at 10/2/18 10:38 PM:
------------------------------------------------------------
Hi [~tmarquardt]
Here are some context:
1. "fs.azure.secure.mode" is set in configuration but it is never used in ABFS production code.
2. isSecure is not set through configuration key, it is actually determined by the scheme being used.
if "abfs://xxx" is used, then a AzureBlobFileSystem will be initialized,
if "abfss://xxx" is used, then a SecureAzureBlobFileSystem will be initialized.
That's why AzureBlobFileSystem always return isSecure as false, and SecureAzureBlobFileSystem always return isSecure as true.
So.
L157: do you mean remove this member field from AzureBlobFileSystem and SecureAzureBlobFileSystem?
L140: since isSecure is determined by the schema, so I think that expression is doing the right thing, but I can update it to :
{code:java}
boolean useHttps = abfsConfiguration.isHttpsAlwaysUsed() ? true :isSecureSchema;
{code}
. which will make it more clear.
ITestClientUrlScheme:
"abfss://" and "fs.azure.always.use.https" is *false* is covered in the else assert (securemode = true and alwaysUseHttps = false).
was (Author: danielzhou):
Hi [~tmarquardt]
Here are some context:
1. "fs.azure.secure.mode" is set in configuration but it is never used in ABFS production code.
2. isSecure is not set through configuration key, it is actually determined by the scheme being used.
if "abfs://xxx" is used, then a AzureBlobFileSystem will be initialized,
if "abfss://xxx" is used, then a SecureAzureBlobFileSystem will be initialized.
That's why AzureBlobFileSystem always return isSecure as false, and SecureAzureBlobFileSystem always return isSecure as true.
So.
L157: do you mean remove this member field from AzureBlobFileSystem and SecureAzureBlobFileSystem?
L140: since isSecure is determined by the schema, so I think that expression is doing the right thing, but I can update it to :
{code:java}
boolean useHttps = abfsConfiguration.isHttpsAlwaysUsed() ? true :isSecure;
{code}
. which will make it more clear.
ITestClientUrlScheme:
"abfss://" and "fs.azure.always.use.https" is *false* is covered in the else assert (securemode = true and alwaysUseHttps = false).
> Making HTTPS as default for ABFS
> --------------------------------
>
> Key: HADOOP-15795
> URL: https://issues.apache.org/jira/browse/HADOOP-15795
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs/azure
> Affects Versions: 3.2.0
> Reporter: Da Zhou
> Assignee: Da Zhou
> Priority: Major
> Attachments: HADOOP-15795-001.patch, HADOOP-15795-002.patch, HADOOP-15795-003.patch
>
>
> HTTPS should be used as default in ABFS, but also we provide a configuration key for user to disable it in non-secure mode.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org