[ https://issues.apache.org/jira/browse/HADOOP-12548?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15145183#comment-15145183 ]
Chris Nauroth commented on HADOOP-12548: ---------------------------------------- Hi [~mattpaduano]. I think this is because the jceks provider is implemented as "create keystore on first use". The relevant code for this is in {{org.apache.hadoop.security.alias.AbstractJavaKeyStoreProvider}}. I don't know for sure if it's an intentional design choice or a bug that this behavior kicks in at read time through {{Configuration#getPassword}}. [~lmccay], maybe you know better? If there is a problem in there, then let's address it outside the scope of this patch and instead file a new JIRA. > read s3 creds from a Credential Provider > ---------------------------------------- > > Key: HADOOP-12548 > URL: https://issues.apache.org/jira/browse/HADOOP-12548 > Project: Hadoop Common > Issue Type: New Feature > Components: fs/s3 > Reporter: Allen Wittenauer > Assignee: Larry McCay > Attachments: CredentialProviderAPIforS3FS-002.pdf, > HADOOP-12548-01.patch, HADOOP-12548-02.patch, HADOOP-12548-03.patch, > HADOOP-12548-04.patch, HADOOP-12548-05.patch, HADOOP-12548-06.patch, > HADOOP-12548-07.patch > > > It would be good if we could read s3 creds from a source other than via a > java property/Hadoop configuration option -- This message was sent by Atlassian JIRA (v6.3.4#6332)