[HADOOP-17894] CredentialProviderFactory.getProviders() recursion loading JCEKS file from s3a - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 3.3.1
Fix Version/s: 3.3.2
Component/s: conf, fs/s3
Labels:
- pull-request-available

Description

CredentialProviderFactory.getProviders() will be called recursively if the FS being instantiated as a source of a JCECKs file calls Configuration.getPassword().
S3A FileSystem does this when looking at encryption settings, even when authentication
is not being done by hadoop config options.

Recursion is straightforward to detect, leaving a choice of actions

Fail
Fix by having getPassword() return null; this implicitly skips use of the credential providers for the nested FS instance.
fix by skipping the specific credential provider factory with the problem (warn first?)

My preference is for #3.

Attachments

Issue Links

links to

GitHub Pull Request #3393

Activity

People

Assignee:: Steve Loughran

Reporter:: Steve Loughran

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 06/Sep/21 13:16

Updated:: 10/Sep/21 16:01

Resolved:: 10/Sep/21 16:01

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

1h 20m