-
Type:
Sub-task
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 2.6.0, 3.0.0-alpha1
-
Fix Version/s: 2.6.0
-
Component/s: encryption, webhdfs
-
Labels:None
Currently, decrypting files within encryption zones does not work through WebHDFS. Users will get returned the raw data.
For example:
bash-4.1$ hdfs crypto -listZones /enc2 key128 /jenkins key128 bash-4.1$ hdfs dfs -cat /enc2/hello hello and goodbye bash-4.1$ hadoop fs -cat webhdfs://hdfs-cdh5-vanilla-1.host.com:20101/enc2/hello14/09/08 15:55:26 WARN ssl.FileBasedKeyStoresFactory: The property 'ssl.client.truststore.location' has not been set, no TrustStore will be loaded 忡?~?A ?`?y???Wbash-4.1$ bash-4.1$ curl -i -L "http://hdfs-cdh5-vanilla-1.host.com:20101/webhdfs/v1/enc2/hello?user.name=hdfs&op=OPEN" HTTP/1.1 307 TEMPORARY_REDIRECT Cache-Control: no-cache Expires: Mon, 08 Sep 2014 22:56:08 GMT Date: Mon, 08 Sep 2014 22:56:08 GMT Pragma: no-cache Expires: Mon, 08 Sep 2014 22:56:08 GMT Date: Mon, 08 Sep 2014 22:56:08 GMT Pragma: no-cache Content-Type: application/octet-stream Set-Cookie: hadoop.auth=u=hdfs&p=hdfs&t=simple&e=1410252968270&s=QzpylAy1ltts1F6hHpsVFGC0TfA=; Version=1; Path=/; Expires=Tue, 09-Sep-2014 08:56:08 GMT; HttpOnly Location: http://hdfs-cdh5-vanilla-1.host.com:20003/webhdfs/v1/enc2/hello?op=OPEN&user.name=hdfs&namenoderpcaddress=hdfs-cdh5-vanilla-1.host.com:8020&offset=0 Content-Length: 0 Server: Jetty(6.1.26) HTTP/1.1 200 OK Cache-Control: no-cache Expires: Mon, 08 Sep 2014 22:56:08 GMT Date: Mon, 08 Sep 2014 22:56:08 GMT Pragma: no-cache Expires: Mon, 08 Sep 2014 22:56:08 GMT Date: Mon, 08 Sep 2014 22:56:08 GMT Pragma: no-cache Content-Type: application/octet-stream Content-Length: 18 Access-Control-Allow-Methods: GET Access-Control-Allow-Origin: * Server: Jetty(6.1.26) 忡?~?A ?`?y???Wbash-4.1$