Larry McCay created HADOOP-12846:
------------------------------------
Summary: Credential Provider Recursive Dependencies
Key: HADOOP-12846
URL: https://issues.apache.org/jira/browse/HADOOP-12846
Project: Hadoop Common
Issue Type: Bug
Reporter: Larry McCay
Assignee: Larry McCay
There are a few credential provider integration points in which the use of a
certain type of provider in a certain filesystem causes a recursive infinite
loop.
For instance, a component such as sqoop can be protecting a db password in a
credential provider within the wasb/azure filesystem. Now that HADOOP-12555 has
introduced the ability to protect the access keys for wasb we suddenly need
access to wasb to get the database keys which initiates the attempt to get the
access keys from wasb - since there is a provider path configured for sqoop.
For such integrations, those in which it doesn't make sense to protect the
access keys inside the thing that we need the keys to access, we need a
solution to avoid this recursion - other than dictating what filesystems can be
used by other components.
This patch proposes the ability to scrub the configured provider path of any
provider types that would be incompatible with the integration point. In other
words, before calling Configuration.getPassword for the access keys to wasb, we
can remove any configured providers that require access to wasb.
This will require some regex expressions that can be used to identify the
configuration of such provider uri's within the provider path parameter.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
