[
https://issues.apache.org/jira/browse/HADOOP-14135?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mingliang Liu updated HADOOP-14135:
-----------------------------------
Attachment: HADOOP-14135.001.patch
Thanks Steve. You're right we should be very careful about this change.
For logging, 1) we use the {{S3xLoginHelper.toString(binding)}} to remove
credentials 2) we log all credentials used for the S3A URI at once at
{{createAWSCredentialProviderSet()}}. So logging is kept, without credentials,
without the help of fs URI.
> Remove URI parameter in AWSCredentialProvider constructors
> ----------------------------------------------------------
>
> Key: HADOOP-14135
> URL: https://issues.apache.org/jira/browse/HADOOP-14135
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs/s3
> Reporter: Mingliang Liu
> Assignee: Mingliang Liu
> Attachments: HADOOP-14135.000.patch, HADOOP-14135.001.patch
>
>
> This was from comment in [HADOOP-13252].
> It looks like the URI parameter is not needed for our AWSCredentialProvider
> constructors. This was useful because we relied on URI parameter for
> retrieving user:pass. Now in binding URIs, we have
> {code}
> 279 S3xLoginHelper.Login creds = getAWSAccessKeys(binding, conf);
> 280 credentials.add(new BasicAWSCredentialsProvider(
> 281 creds.getUser(), creds.getPassword()));
> {code}
> This way, we only need configuration object (if necessary) for all
> AWSCredentialProvider implementations. The benefit is that, if we create
> AWSCredentialProvider list for DynamoDB, we don't have to pass down the
> associated file system URI. This might be useful to S3Guard tools.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
