[
https://issues.apache.org/jira/browse/HADOOP-13987?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15822104#comment-15822104
]
John Zhuge commented on HADOOP-13987:
-------------------------------------
Tricky use case if we pull in provider path:
* A central credential provider specified in {{core-site.xml}} which is the
same across nodes. The provider contains SSL properties.
* Wish to use different SSL properties in {{ssl-MODE.xml}} on different nodes
or just in different config directories, but {{getPassword}} always looks up
provider first. So the only way to override SSL properties is to create a new
provider storing different SSL properties and override the provider path.
> Enhance SSLFactory support for Credential Provider
> --------------------------------------------------
>
> Key: HADOOP-13987
> URL: https://issues.apache.org/jira/browse/HADOOP-13987
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 2.6.0
> Reporter: John Zhuge
> Assignee: John Zhuge
>
> Testing CredentialProvider with KMS: populated the credentials file, added
> "hadoop.security.credential.provider.path" to core-site.xml, but "hadoop key
> list" failed due to incorrect password. So I added
> "hadoop.security.credential.provider.path" to ssl-client.xml, "hadoop key
> list" worked!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
