[
https://issues.apache.org/jira/browse/HADOOP-15422?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16458535#comment-16458535
]
Steve Loughran commented on HADOOP-15422:
-----------------------------------------
bq. This is your punishment for putting secrets in your URI.
don't disagree.
This patch isn't correct BTW; the stack traces I was seeing come from: valid
credentials in conf, but secrets also in URI. DDB inited, but then URI
comparisons failed.
What's really needed is for DDB to get the credential list off the FileSystem.
Simple solution
* If FS is S3AFileSystem: Cast and call a (new? existing) method to get the
credential list. Use that.
* If it isn't/coming up standalone, don't do that
This will allow s3guard to pick up login details from delegation tokens passed
through the FS or any similar mechanism
> s3guard doesn't init when the secrets are in the s3a URI
> --------------------------------------------------------
>
> Key: HADOOP-15422
> URL: https://issues.apache.org/jira/browse/HADOOP-15422
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs/s3
> Affects Versions: 3.1.0
> Reporter: Steve Loughran
> Priority: Minor
> Attachments: HADOOP-15422-001.patch
>
>
> If the AWS secrets are in the login, S3guard doesn't list the root dir
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
