You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Larry McCay (JIRA)" <ji...@apache.org> on 2015/12/01 13:39:11 UTC

[jira] [Commented] (HADOOP-12554) Swift client to read credentials from a credential provider

    [ https://issues.apache.org/jira/browse/HADOOP-12554?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15033618#comment-15033618 ] 

Larry McCay commented on HADOOP-12554:
--------------------------------------

[~steve_l] - I'm taking a look at this today and just want to make sure that I am considering the right change...

SwiftRestClient uses RestClientBindings to create the expected Properties instance from the Hadoop configuration object.
I am considering adding a new method to RestClientBindings to for copyPassword which will use Configuration.getPassword rather than Configuration.get to extract the value from config.

We will then replace the following calls in the bind method with copyPassword:

{code}
    copy(conf, prefix + DOT_USERNAME, props, SWIFT_USERNAME_PROPERTY, true);
    copy(conf, prefix + DOT_APIKEY, props, SWIFT_APIKEY_PROPERTY, false);
    copy(conf, prefix + DOT_PASSWORD, props, SWIFT_PASSWORD_PROPERTY,
            props.contains(SWIFT_APIKEY_PROPERTY) ? true : false);
{code}

This will allow for backward compatibility to values in config but the ability to override that with CredentialProvider stored credentials.

I don't happen to see any analogue to the S3 ability to provide the credentials as part of the userInfo in the URI.
It is possible that I have missed it though.

Does this sound right?


> Swift client to read credentials from a credential provider
> -----------------------------------------------------------
>
>                 Key: HADOOP-12554
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12554
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: fs/swift
>    Affects Versions: 2.7.1
>            Reporter: Steve Loughran
>            Assignee: Larry McCay
>            Priority: Minor
>
> As HADOOP-12548 is going to do for s3, Swift should be reading credentials, particularly passwords, from a credential provider. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)