ctubbsii commented on issue #4573: URL: https://github.com/apache/accumulo/issues/4573#issuecomment-2121331080
It looks like this might have been broken by #508 in an attempt to remove some special case handling of the CredentialProviderToken with dedicated client properties, and replace it with the generic handling with AuthenticationToken serialization. The problem with that is that the CredentialProviderToken extends PasswordToken, and was not intended to be serialized, but instead was taking advantage of the PasswordToken's methods for retrieving the secret after retrieval of the secret from the provider during the CredentialProviderToken construction. With serialization, it does store the password, because that's how PasswordToken serialization works. In the spirit of preserving the intent of #508, to remove the special properties that handle CredentialProviderToken serialization in a special way, I think the best path forward is to fix the CredentialProviderToken to make it safe for serialization. The other issue, about the init method being called inside the loop looks like an easy fix. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
