HADOOP-11054. Add a KeyProvider instantiation based on a URI. (tucu)
This commit is contained in:
parent
8f1a668575
commit
41f1662d46
@ -496,6 +496,8 @@ Release 2.6.0 - UNRELEASED
|
|||||||
HADOOP-10863. KMS should have a blacklist for decrypting EEKs.
|
HADOOP-10863. KMS should have a blacklist for decrypting EEKs.
|
||||||
(asuresh via tucu)
|
(asuresh via tucu)
|
||||||
|
|
||||||
|
HADOOP-11054. Add a KeyProvider instantiation based on a URI. (tucu)
|
||||||
|
|
||||||
OPTIMIZATIONS
|
OPTIMIZATIONS
|
||||||
|
|
||||||
HADOOP-10838. Byte array native checksumming. (James Thomas via todd)
|
HADOOP-10838. Byte array native checksumming. (James Thomas via todd)
|
||||||
|
@ -63,16 +63,10 @@ public static List<KeyProvider> getProviders(Configuration conf
|
|||||||
for(String path: conf.getStringCollection(KEY_PROVIDER_PATH)) {
|
for(String path: conf.getStringCollection(KEY_PROVIDER_PATH)) {
|
||||||
try {
|
try {
|
||||||
URI uri = new URI(path);
|
URI uri = new URI(path);
|
||||||
boolean found = false;
|
KeyProvider kp = get(uri, conf);
|
||||||
for(KeyProviderFactory factory: serviceLoader) {
|
|
||||||
KeyProvider kp = factory.createProvider(uri, conf);
|
|
||||||
if (kp != null) {
|
if (kp != null) {
|
||||||
result.add(kp);
|
result.add(kp);
|
||||||
found = true;
|
} else {
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (!found) {
|
|
||||||
throw new IOException("No KeyProviderFactory for " + uri + " in " +
|
throw new IOException("No KeyProviderFactory for " + uri + " in " +
|
||||||
KEY_PROVIDER_PATH);
|
KEY_PROVIDER_PATH);
|
||||||
}
|
}
|
||||||
@ -83,4 +77,26 @@ public static List<KeyProvider> getProviders(Configuration conf
|
|||||||
}
|
}
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create a KeyProvider based on a provided URI.
|
||||||
|
*
|
||||||
|
* @param uri key provider URI
|
||||||
|
* @param conf configuration to initialize the key provider
|
||||||
|
* @return the key provider for the specified URI, or <code>NULL</code> if
|
||||||
|
* a provider for the specified URI scheme could not be found.
|
||||||
|
* @throws IOException thrown if the provider failed to initialize.
|
||||||
|
*/
|
||||||
|
public static KeyProvider get(URI uri, Configuration conf)
|
||||||
|
throws IOException {
|
||||||
|
KeyProvider kp = null;
|
||||||
|
for (KeyProviderFactory factory : serviceLoader) {
|
||||||
|
kp = factory.createProvider(uri, conf);
|
||||||
|
if (kp != null) {
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return kp;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -357,4 +357,17 @@ public void testJksProviderPasswordViaConfig() throws Exception {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testGetProviderViaURI() throws Exception {
|
||||||
|
Configuration conf = new Configuration(false);
|
||||||
|
URI uri = new URI(JavaKeyStoreProvider.SCHEME_NAME + "://file" + tmpDir +
|
||||||
|
"/test.jks");
|
||||||
|
KeyProvider kp = KeyProviderFactory.get(uri, conf);
|
||||||
|
Assert.assertNotNull(kp);
|
||||||
|
Assert.assertEquals(JavaKeyStoreProvider.class, kp.getClass());
|
||||||
|
uri = new URI("foo://bar");
|
||||||
|
kp = KeyProviderFactory.get(uri, conf);
|
||||||
|
Assert.assertNull(kp);
|
||||||
|
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user