[ https://issues.apache.org/jira/browse/HDFS-3987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13826243#comment-13826243 ]
Jing Zhao commented on HDFS-3987: --------------------------------- The patch looks good to me. Some nits: # Currently KerberosAuthenticator#getFallBackAuthenticator already checks and sets connection configurator, while KerberosUgiAuthenticator#getFallBackAuthenticator does not. So instead of the following fix, how about adding a getConnectionConfigurator method and calling it in the overridden getFallBackAuthenticator method? {code} LOG.debug("Using fallback authenticator sequence."); - getFallBackAuthenticator().authenticate(url, token); + Authenticator auth = getFallBackAuthenticator(); + auth.setConnectionConfigurator(connConfigurator); + auth.authenticate(url, token); {code} # Let's use "WebHdfsFileSystem.SCHEME.equals(scheme)" here. {code} + if (scheme.equals(WebHdfsFileSystem.SCHEME)) { + return getAddresses(conf, null, + DFSConfigKeys.DFS_NAMENODE_HTTP_ADDRESS_KEY); + } else if (scheme.equals(SWebHdfsFileSystem.SCHEME)) { {code} # Since DFSUtil#resolve only recognizes webhdfs and swebhdfs, we may want to rename the method and add javadoc for it. # Let's keep the original number of DN here. {code} - new MiniDFSCluster.Builder(conf).numDataNodes(3).build(); + new MiniDFSCluster.Builder(conf).numDataNodes(1).build(); {code} # It will be better to replace the hard-coded string here. {code} + if (scheme.equals("webhdfs")) { + uri = "webhdfs://" + + conf.get(DFSConfigKeys.DFS_NAMENODE_HTTP_ADDRESS_KEY); + } else if (scheme.equals("swebhdfs")) { + uri = "swebhdfs://" + + conf.get(DFSConfigKeys.DFS_NAMENODE_HTTPS_ADDRESS_KEY); + } else { {code} # Please mention how you did system tests for the patch. > Support webhdfs over HTTPS > -------------------------- > > Key: HDFS-3987 > URL: https://issues.apache.org/jira/browse/HDFS-3987 > Project: Hadoop HDFS > Issue Type: Sub-task > Affects Versions: 2.0.2-alpha > Reporter: Alejandro Abdelnur > Assignee: Haohui Mai > Fix For: 2.3.0 > > Attachments: HDFS-3987.000.patch, HDFS-3987.001.patch, > HDFS-3987.002.patch, HDFS-3987.003.patch, HDFS-3987.004.patch, > HDFS-3987.005.patch, HDFS-3987.006.patch, HDFS-3987.007.patch > > > This is a follow up of HDFS-3983. > We should have a new filesystem client impl/binding for encrypted WebHDFS, > i.e. *webhdfss://* > On the server side, webhdfs and httpfs we should only need to start the > service on a secured (HTTPS) endpoint. -- This message was sent by Atlassian JIRA (v6.1#6144)