[
https://issues.apache.org/jira/browse/HADOOP-12076?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14581381#comment-14581381
]
Sean Busbey commented on HADOOP-12076:
--------------------------------------
{code}
@@ -209,13 +200,11 @@ protected void initFileSystem(URI keystoreUri,
Configuration conf)
@Override
public CredentialEntry getCredentialEntry(String alias)
throws IOException {
+ CredentialEntry entry = null;
readLock.lock();
try {
SecretKeySpec key = null;
try {
- if (cache.containsKey(alias)) {
- return cache.get(alias);
- }
if (!keyStore.containsAlias(alias)) {
return null;
}
@@ -230,7 +219,8 @@ public CredentialEntry getCredentialEntry(String alias)
throw new IOException("Can't recover credential " + alias + " from "
+ getPathAsString(), e);
}
- return new CredentialEntry(alias, bytesToChars(key.getEncoded()));
+ entry = new CredentialEntry(alias, bytesToChars(key.getEncoded()));
+ return entry;
} finally {
readLock.unlock();
{code}
nit: I don't see a reason to introduce the reference to CredentialEntry here,
since there's nothing else to do with it we might as well just return as we did
prior to this patch.
Otherwise, lgtm.
> Incomplete Cache Mechanism in CredentialProvider API
> ----------------------------------------------------
>
> Key: HADOOP-12076
> URL: https://issues.apache.org/jira/browse/HADOOP-12076
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Larry McCay
> Assignee: Larry McCay
> Attachments: HADOOP-12076-001.patch, HADOOP-12076-002.patch,
> HADOOP-12076-003.patch
>
>
> The AbstractJavaKeyStoreProvider class in the CredentialProvider API has a
> cache member variable and interrogation of it during access but does not
> populate it.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
