Affects Version/s: None
Fix Version/s: 2.7.0
Based on the discussion on
HADOOP-10670, this jira proposes to remove StringSecretProvider as it opens up possibilities for misconfiguration and security vulnerabilities.
My understanding is that the use case of inlining the secret is never supported. The property is used to pass the secret internally. The way it works before
HADOOP-10868is the following:
- Users specify the initializer of the authentication filter in the configuration.
- AuthenticationFilterInitializer reads the secret file. The server will not start if the secret file does not exists. The initializer will set the property if it read the file correctly.
*There is no way to specify the secret in the configuration out-of-the-box – the secret is always overwritten by AuthenticationFilterInitializer.