[ https://issues.apache.org/jira/browse/HADOOP-13956?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15830632#comment-15830632 ]
John Zhuge commented on HADOOP-13956: ------------------------------------- Deployed patch 006 to a 4-node cluster, and set up JCE keystore on HDFS. Everything works well. core-site.xml must has these configured: {code} <property> <name>hadoop.security.credential.provider.path</name> <value>jceks://hdfs/cdep/keystores/creds.jceks</value> </property> <property> <name>dfs.adls.oauth2.access.token.provider.type</name> <value>ClientCredential</value> <property> {code} Run these commands to populate the keystore: {code} hadoop credential create dfs.adls.oauth2.client.id -value '123' hadoop credential create dfs.adls.oauth2.credential -value '456' hadoop credential create dfs.adls.oauth2.refresh.url -value '789' {code} Unfortunately {{dfs.adls.oauth2.access.token.provider.type}} can not be easily put into the keystore because {{Configuration#getEnum}} is used to get this property. Anyway it is not really a secret. > Read ADLS credentials from Credential Provider > ---------------------------------------------- > > Key: HADOOP-13956 > URL: https://issues.apache.org/jira/browse/HADOOP-13956 > Project: Hadoop Common > Issue Type: Improvement > Components: fs/adl > Affects Versions: 3.0.0-alpha2 > Reporter: John Zhuge > Assignee: John Zhuge > Priority: Critical > Attachments: HADOOP-13956.001.patch, HADOOP-13956.002.patch, > HADOOP-13956.003.patch, HADOOP-13956.004.patch, HADOOP-13956.005.patch, > HADOOP-13956.006.patch > > > Read ADLS credentials using Hadoop CredentialProvider API. See > https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-common/CredentialProviderAPI.html. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org