[
https://issues.apache.org/jira/browse/HADOOP-12059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14572186#comment-14572186
]
Larry McCay commented on HADOOP-12059:
--------------------------------------
Hi [~busbey] - Couple comments:
* it seems to me that wrapLocalFileUri should really be added to ProviderUtils
rather than to the credential provider itself. There is a bit of a blurred line
due to the fact that it creates a localjceks based URI but since it isn't part
of the CredentialProvider interface and is basically needed for tests - I think
it should go in either the ProviderUtils class or just be part of the test.
* I also just wanted to point out that the local version of the keystore
provider is primarily useful when you CAN'T store the keystore in HDFS. For
instance, the LDAPGroupsMapping can't use the Hadoop FileSystem abstraction
because it causes a recursive infinite loop in order to look up groups to see
if you can access the keystore. I just wanted to make sure that you were aware
of the regular JavaKeyStoreProvider which allows for local file or hdfs.
> S3Credentials should support use of CredentialProvider
> ------------------------------------------------------
>
> Key: HADOOP-12059
> URL: https://issues.apache.org/jira/browse/HADOOP-12059
> Project: Hadoop Common
> Issue Type: Improvement
> Reporter: Sean Busbey
> Assignee: Sean Busbey
> Attachments: HADOOP-12059.1.patch, HADOOP-12059.2.patch
>
>
> Right now S3Credentials only works with cleartext passwords in configs (as a
> secret access key or the URI). The non-URI version should use credential
> providers with a fallback to the clear text option.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
