Wei-Chiu Chuang
|
070548943a
|
HADOOP-13395. Enhance TestKMSAudit. Contributed by Xiao Chen.
|
2016-08-08 15:11:05 -07:00 |
|
Xiao Chen
|
8ebf2e95d2
|
HADOOP-13381. KMS clients should use KMS Delegation Tokens from current UGI. Contributed by Xiao Chen.
|
2016-07-28 18:24:41 -07:00 |
|
Andrew Wang
|
771f798edf
|
HADOOP-13251. Authenticate with Kerberos credentials when renewing KMS delegation token. Contributed by Xiao Chen.
|
2016-06-27 18:20:56 -07:00 |
|
Xiaoyu Yao
|
b1674caa40
|
HADOOP-13255. KMSClientProvider should check and renew tgt when doing delegation token operations. Contributed by Xiao Chen.
|
2016-06-16 15:22:00 -07:00 |
|
Andrew Wang
|
713cb71820
|
HADOOP-13155. Implement TokenRenewer to renew and cancel delegation tokens in KMS. Contributed by Xiao Chen.
|
2016-06-03 16:48:54 -07:00 |
|
Kai Zheng
|
916140604f
|
HADOOP-12911. Upgrade Hadoop MiniKDC with Kerby. Contributed by Jiajia Li
|
2016-05-28 14:23:39 +08:00 |
|
Andrew Wang
|
d4df7849a5
|
HADOOP-12962. KMS key names are incorrectly encoded when creating key. Contributed by Xiao Chen.
|
2016-03-25 15:28:53 -07:00 |
|
Andrew Wang
|
8fdef0bd9d
|
HADOOP-12699. TestKMS#testKMSProvider intermittently fails during 'test rollover draining'. Contributed by Xiao Chen.
|
2016-02-11 17:20:10 -08:00 |
|
Xiaoyu Yao
|
ab725cff66
|
HADOOP-12682. Fix TestKMS#testKMSRestart* failure. Contributed by Wei-Chiu Chuang.
|
2015-12-30 10:29:26 -08:00 |
|
Zhe Zhang
|
f5756a2038
|
HADOOP-12615. Fix NPE in MiniKMS.start(). Contributed by Wei-Chiu Chuang.
Change-Id: Ie3e148bd1401618b1737a577957298bf622891f4
|
2015-12-17 13:24:29 -08:00 |
|
Haohui Mai
|
7f00fcac77
|
HADOOP-12474. MiniKMS should use random ports for Jetty server by default. Contributed by Mingliang Liu.
|
2015-10-13 13:07:57 -07:00 |
|
Andrew Wang
|
71385f9b70
|
HADOOP-11620. Add support for load balancing across a group of KMS for HA. Contributed by Arun Suresh.
|
2015-02-25 21:16:37 -08:00 |
|
yliu
|
ee1e06a3ab
|
HADOOP-11469. KMS should skip default.key.acl and whitelist.key.acl when loading key acl. (Dian Fu via yliu)
|
2015-01-28 00:07:21 +08:00 |
|
Andrew Wang
|
4b00935643
|
HADOOP-11482. Use correct UGI when KMSClientProvider is called by a proxy user. Contributed by Arun Suresh.
|
2015-01-23 12:11:15 -08:00 |
|
Akira Ajisaka
|
aee4500612
|
HADOOP-11493. Fix some typos in kms-acls.xml description. (Contributed by Charles Lamb)
|
2015-01-23 11:48:19 +09:00 |
|
Andrew Wang
|
74d4bfded9
|
HADOOP-11368. Fix SSLFactory truststore reloader thread leak in KMSClientProvider. Contributed by Arun Suresh.
|
2014-12-09 10:47:24 -08:00 |
|
Andrew Wang
|
9cdaec6a6f
|
HADOOP-11355. When accessing data in HDFS and the key has been deleted, a Null Pointer Exception is shown. Contributed by Arun Suresh.
|
2014-12-05 12:01:23 -08:00 |
|
Andrew Wang
|
1812241ee1
|
HADOOP-11342. KMS key ACL should ignore ALL operation for default key ACL and whitelist key ACL. Contributed by Dian Fu.
|
2014-12-03 12:00:14 -08:00 |
|
Andrew Wang
|
31b4d2daa1
|
HADOOP-11341. KMS support for whitelist key ACLs. Contributed by Arun Suresh.
|
2014-12-01 21:53:37 -08:00 |
|
yliu
|
61a2510b55
|
HADOOP-11322. key based ACL check in KMS always check KeyOpType.MANAGEMENT even actual KeyOpType is not MANAGEMENT. (Dian Fu via yliu)
|
2014-11-25 01:08:40 +08:00 |
|
Andrew Wang
|
bcd402ae38
|
HADOOP-11312. Fix unit tests to not use uppercase key names.
|
2014-11-18 10:47:46 -08:00 |
|
Aaron T. Myers
|
ef5af4f8de
|
HADOOP-11187 NameNode - KMS communication fails after a long period of inactivity. Contributed by Arun Suresh.
|
2014-11-05 18:17:49 -08:00 |
|
Aaron T. Myers
|
8a261e68e4
|
HADOOP-11272. Allow ZKSignerSecretProvider and ZKDelegationTokenSecretManager to use the same curator client. Contributed by Arun Suresh.
|
2014-11-05 17:47:22 -08:00 |
|
Karthik Kambatla
|
dbf30e3c0e
|
HADOOP-11260. Patch up Jetty to disable SSLv3. (Mike Yoder via kasha)
|
2014-11-04 16:18:24 -08:00 |
|
Aaron T. Myers
|
0e57aa3bf6
|
HADOOP-11176. KMSClientProvider authentication fails when both currentUgi and loginUgi are a proxied user. Contributed by Arun Suresh.
|
2014-10-13 18:09:39 -07:00 |
|
Andrew Wang
|
b2f6197523
|
HADOOP-11169. Fix DelegationTokenAuthenticatedURL to pass the connection Configurator to the authenticator. (Arun Suresh via wang)
|
2014-10-07 14:46:59 -07:00 |
|
Andrew Wang
|
2d8e6e2c4a
|
HADOOP-11151. Automatically refresh auth token and retry on auth failure. Contributed by Arun Suresh.
|
2014-10-02 19:54:57 -07:00 |
|
Andrew Wang
|
a4c9b80a7c
|
HADOOP-11113. Namenode not able to reconnect to KMS after KMS restart. (Arun Suresh via wang)
|
2014-09-30 16:48:24 -07:00 |
|
Andrew Wang
|
1737950d0f
|
HDFS-6987. Move CipherSuite xattr information up to the encryption zone root. Contributed by Zhe Zhang.
|
2014-09-21 21:29:46 -07:00 |
|
Andrew Wang
|
b6ceef90e5
|
HADOOP-11112. TestKMSWithZK does not use KEY_PROVIDER_URI. (tucu via wang)
|
2014-09-19 17:42:00 -07:00 |
|
Andrew Wang
|
10e8602f32
|
HDFS-7004. Update KeyProvider instantiation to create by URI. (wang)
|
2014-09-17 20:14:40 -07:00 |
|
Alejandro Abdelnur
|
123f20d42f
|
HADOOP-11016. KMS should support signing cookies with zookeeper secret manager. (tucu)
|
2014-09-17 15:29:17 -07:00 |
|
Alejandro Abdelnur
|
8a7671d753
|
Revert "HADOOP-11016. KMS should support signing cookies with zookeeper secret manager. (tucu)"
This reverts commit 0a495bef5c .
|
2014-09-17 11:11:33 -07:00 |
|
Alejandro Abdelnur
|
3f8f860cc6
|
Revert "HADOOP-10982"
This reverts commit d9a86031a0 .
|
2014-09-17 11:11:15 -07:00 |
|
Alejandro Abdelnur
|
d9a86031a0
|
HADOOP-10982
|
2014-09-17 11:08:00 -07:00 |
|
Alejandro Abdelnur
|
0a495bef5c
|
HADOOP-11016. KMS should support signing cookies with zookeeper secret manager. (tucu)
|
2014-09-17 11:08:00 -07:00 |
|
Alejandro Abdelnur
|
e14e71d5fe
|
HADOOP-11096. KMS: KeyAuthorizationKeyProvider should verify the keyversion belongs to the keyname on decrypt. (tucu)
|
2014-09-16 23:20:35 -07:00 |
|
Alejandro Abdelnur
|
3e85f5b605
|
HDFS-7006. Test encryption zones with KMS. (Anthony Young-Garner and tucu)
|
2014-09-16 14:36:07 -07:00 |
|
cnauroth
|
957414d4cb
|
HADOOP-11088. Unittest TestKeyShell, TestCredShell and TestKMS assume UNIX path separator for JECKS key store path. Contributed by Xiaoyu Yao.
|
2014-09-12 14:50:07 -07:00 |
|
Alejandro Abdelnur
|
b02a4b4061
|
HADOOP-10758. KMS: add ACLs on per key basis. (tucu)
|
2014-09-10 14:26:15 -07:00 |
|
Alejandro Abdelnur
|
df8c84cba8
|
HADOOP-11071. KMSClientProvider should drain the local generated EEK cache on key rollover. (tucu)
|
2014-09-08 11:31:30 -07:00 |
|
Alejandro Abdelnur
|
0f3c19c1bb
|
HADOOP-11069. KMSClientProvider should use getAuthenticationMethod() to determine if in proxyuser mode or not. (tucu)
|
2014-09-05 21:59:12 -07:00 |
|
Alejandro Abdelnur
|
71c8d735f5
|
HADOOP-11070. Create MiniKMS for testing. (tucu)
|
2014-09-05 21:59:12 -07:00 |
|
Alejandro Abdelnur
|
d9a03e272a
|
HADOOP-10863. KMS should have a blacklist for decrypting EEKs. (asuresh via tucu)
|
2014-09-03 15:08:55 -07:00 |
|
Alejandro Abdelnur
|
e932365d6d
|
HADOOP-10698. KMS, add proxyuser support. (tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1618217 13f79535-47bb-0310-9956-ffa450edef68
|
2014-08-15 15:53:28 +00:00 |
|
Alejandro Abdelnur
|
e86c9ef651
|
HADOOP-10770. KMS add delegation token support. (tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1618096 13f79535-47bb-0310-9956-ffa450edef68
|
2014-08-15 05:03:58 +00:00 |
|
Alejandro Abdelnur
|
021ae47115
|
HADOOP-10862. Miscellaneous trivial corrections to KMS classes. (asuresh via tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1616903 13f79535-47bb-0310-9956-ffa450edef68
|
2014-08-08 23:10:11 +00:00 |
|
Alejandro Abdelnur
|
bda9c584c8
|
HADOOP-10756. KMS audit log should consolidate successful similar requests. (asuresh via tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1614725 13f79535-47bb-0310-9956-ffa450edef68
|
2014-07-30 17:54:10 +00:00 |
|
Andrew Wang
|
e0f00e12ce
|
HADOOP-10881. Clarify usage of encryption and encrypted encryption key in KeyProviderCryptoExtension. (wang)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1612737 13f79535-47bb-0310-9956-ffa450edef68
|
2014-07-23 01:24:22 +00:00 |
|
Alejandro Abdelnur
|
0c1469ece3
|
HADOOP-10720. KMS: Implement generateEncryptedKey and decryptEncryptedKey in the REST API. (asuresh via tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1612399 13f79535-47bb-0310-9956-ffa450edef68
|
2014-07-21 20:55:42 +00:00 |
|
Alejandro Abdelnur
|
0a3ea6c486
|
HADOOP-10750. KMSKeyProviderCache should be in hadoop-common. (asuresh via tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1611823 13f79535-47bb-0310-9956-ffa450edef68
|
2014-07-18 22:01:18 +00:00 |
|
Alejandro Abdelnur
|
950ae82571
|
HADOOP-10695. KMSClientProvider should respect a configurable timeout. (yoderme via tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1606930 13f79535-47bb-0310-9956-ffa450edef68
|
2014-06-30 20:54:56 +00:00 |
|
Alejandro Abdelnur
|
38e2322d84
|
HADOOP-10696. Add optional attributes to KeyProvider Options and Metadata. (tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1604041 13f79535-47bb-0310-9956-ffa450edef68
|
2014-06-19 22:18:03 +00:00 |
|
Alejandro Abdelnur
|
12cf17555f
|
HADOOP-10611. KMS, keyVersion name should not be assumed to be keyName@versionNumber. (tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1598775 13f79535-47bb-0310-9956-ffa450edef68
|
2014-05-30 23:19:11 +00:00 |
|
Alejandro Abdelnur
|
05d8586bc0
|
HADOOP-10645. TestKMS fails because race condition writing acl files. (tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1598773 13f79535-47bb-0310-9956-ffa450edef68
|
2014-05-30 23:12:02 +00:00 |
|
Alejandro Abdelnur
|
17d4fbbf0a
|
HADOOP-10433. Key Management Server based on KeyProvider API. (tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1592637 13f79535-47bb-0310-9956-ffa450edef68
|
2014-05-05 21:43:14 +00:00 |
|