[
https://issues.apache.org/jira/browse/HADOOP-17050?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17112122#comment-17112122
]
Steve Loughran commented on HADOOP-17050:
-----------------------------------------
Two options,
h2. in s3a
S3A FS takes ordered list of DT providers, walks through the lifecycle. When
creating tokens it asks each for their values.
For auth, not sure. Knowing this is related to different DTs/auth for ddb and
s3, could we declare one for each (the way we can for auth chains today)
h2. AbstractDT to offer multiple tokens
Probably the simplest, though it will push work onto the implementations which
need this, and break external implementations *unless you added a default impl
for the list operation which just invoked and wrapped the single DT method*
I concur with your option 2 proposal.
no idea about what to do with the token secret management changes
> Add support for multiple delegation tokens in S3AFilesystem
> -----------------------------------------------------------
>
> Key: HADOOP-17050
> URL: https://issues.apache.org/jira/browse/HADOOP-17050
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs/s3
> Reporter: Gabor Bota
> Assignee: Gabor Bota
> Priority: Major
>
> In
> {{org.apache.hadoop.fs.s3a.auth.delegation.AbstractDelegationTokenBinding}}
> the {{createDelegationToken}} should return a list of tokens.
> With this functionality, the {{AbstractDelegationTokenBinding}} can get two
> different tokens at the same time.
> {{AbstractDelegationTokenBinding.TokenSecretManager}} should be extended to
> retrieve secrets and lookup delegation tokens (use the public API for
> secretmanager in hadoop)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
