[
https://issues.apache.org/jira/browse/HADOOP-14063?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15973010#comment-15973010
]
Yan commented on HADOOP-14063:
------------------------------
Breaking *any* existing library behavior is a risky practice, and should have
had followed careful migration/compatibility/documentation paths and checks.
My point is that any behavioral changes on the keystoreExists(), if deemed to
be necessary, should be under a separate jira, not this one which just deals
with the traversal of a list of keystore files and should have been addressed
using existing or enhanced methods and not through changing existing ones.
> Hadoop CredentialProvider fails to load list of keystore files
> --------------------------------------------------------------
>
> Key: HADOOP-14063
> URL: https://issues.apache.org/jira/browse/HADOOP-14063
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: ramtin
> Assignee: ramtin
> Attachments: HADOOP-14063-001.patch, HADOOP-14063-002.patch
>
>
> The {{hadoop.security.credential.provider.path}} property can be a list of
> keystore files like this:
> _jceks://hdfs/file1.jceks,jceks://hdfs/file2.jceks,jceks://hdfs/file3.jceks
> ..._
> Each file can have different permissions set to limit the users that have
> access to the keys. Some users may not have access to all the keystore files.
> Each keystore file in the list should be tried until one is found with the
> key needed.
> Currently it will throw an exception if one of the keystore files cannot be
> loaded instead of continuing to try the next one in the list.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
