[ https://issues.apache.org/jira/browse/HADOOP-18919?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17776575#comment-17776575 ]
ASF GitHub Bot commented on HADOOP-18919: ----------------------------------------- dombizita commented on code in PR #6194: URL: https://github.com/apache/hadoop/pull/6194#discussion_r1363567945 ########## hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SecurityUtil.java: ########## @@ -786,4 +789,96 @@ public static List<ZKUtil.ZKAuthInfo> getZKAuthInfos(Configuration conf, throw e; } } + + public static void validateSslConfiguration(TruststoreKeystore truststoreKeystore) throws ConfigurationException { + if (org.apache.commons.lang3.StringUtils.isEmpty(truststoreKeystore.keystoreLocation)) { Review Comment: I thought of this too, but in this class we already have `org.apache.hadoop.util.StringUtils` imported and it is using `StringUtils.toLowerCase()` and `StringUtils.toUpperCase` from there. This library doesn't have the `isEmpty()` method and the `org.apache.commons.lang3.StringUtils` doesn't have the other two (at least they have a different name). What I could do is to use the `commons-lang3` and use the `upperCase()` and `lowerCase()` methods from there, but I didn't want to do unnecessary refactoring. Or I can check this here and not use `commons-lang3`: ``` truststoreKeystore.keystoreLocation == null || truststoreKeystore.keystoreLocation.isEmpty() ``` These were my first thoughts, let me know if you think something else could be done. > Zookeeper SSL/TLS support in HDFS ZKFC > -------------------------------------- > > Key: HADOOP-18919 > URL: https://issues.apache.org/jira/browse/HADOOP-18919 > Project: Hadoop Common > Issue Type: Improvement > Reporter: Zita Dombi > Assignee: Zita Dombi > Priority: Major > Labels: pull-request-available > > HADOOP-18709 added support for Zookeeper to communicate with SSL/TLS enabled > in hadoop-common. With those changes we have the necessary parameters, that > we need to set to enable SSL/TLS in a ZK Client. > In YARN-11468 the SSL communication can be set in Yarn, now we need to > similar changes in HDFS to enable it correctly. In HDFS ZK Client is used in > the Failover Controller. In this improvement we need to create the ZK client > with the necessary SSL configs if we enable it, which we can track under a > new HDFS config. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org