[
https://issues.apache.org/jira/browse/HADOOP-11469?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14292785#comment-14292785
]
Yi Liu commented on HADOOP-11469:
---------------------------------
Sure, sorry that I didn't pay attention to this JIRA.
The patch overall looks very good. One comment:
* Our purpose is to match the configuration properties prefixed with
{{key.acl.}}, so the best way is to define a correct regex, not through a
follow {{String#startsWith}}. My suggestion is we define a correct regex in
KMSConfiguration as following:
{code}
public static final String KEY_ACL_PREFIX = "key.acl.";
+public static final String KEY_ACL_PREFIX_REGEX = "^key\\.acl\\..+";
{code}
And use it KMSACLs:
{code}
Map<String, String> allKeyACLS =
conf.getValByRegex(KMSConfiguration.KEY_ACL_PREFIX_REGEX);
{code}
+1 after addressing.
> KMS should skip default.key.acl and whitelist.key.acl when loading key acl
> --------------------------------------------------------------------------
>
> Key: HADOOP-11469
> URL: https://issues.apache.org/jira/browse/HADOOP-11469
> Project: Hadoop Common
> Issue Type: Bug
> Components: kms
> Reporter: Dian Fu
> Assignee: Dian Fu
> Priority: Minor
> Attachments: HADOOP-11469.001.patch, HADOOP-11469.002.patch,
> HADOOP-11469.003.patch
>
>
> KMSACLs#setKeyACLs, loads key ACLs from the configuration by checking if the
> key name contains "key.acl". However, this also matches "default.key.acl" and
> "whitelist.key.acl" which is incorrect.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
