HADOOP-12804. Read Proxy Password from Credential Providers in S3 FileSystem. Contributed by Larry McCay.
This commit is contained in:
parent
6fe5ffd05d
commit
9701ab48e8
|
@ -118,7 +118,8 @@ interface S3ClientFactory {
|
|||
* @throws IllegalArgumentException if misconfigured
|
||||
*/
|
||||
private static void initProxySupport(Configuration conf,
|
||||
ClientConfiguration awsConf) throws IllegalArgumentException {
|
||||
ClientConfiguration awsConf)
|
||||
throws IllegalArgumentException, IOException {
|
||||
String proxyHost = conf.getTrimmed(PROXY_HOST, "");
|
||||
int proxyPort = conf.getInt(PROXY_PORT, -1);
|
||||
if (!proxyHost.isEmpty()) {
|
||||
|
@ -135,7 +136,11 @@ interface S3ClientFactory {
|
|||
}
|
||||
}
|
||||
String proxyUsername = conf.getTrimmed(PROXY_USERNAME);
|
||||
String proxyPassword = conf.getTrimmed(PROXY_PASSWORD);
|
||||
String proxyPassword = null;
|
||||
char[] proxyPass = conf.getPassword(PROXY_PASSWORD);
|
||||
if (proxyPass != null) {
|
||||
proxyPassword = new String(proxyPass).trim();
|
||||
}
|
||||
if ((proxyUsername == null) != (proxyPassword == null)) {
|
||||
String msg = "Proxy error: " + PROXY_USERNAME + " or " +
|
||||
PROXY_PASSWORD + " set without the other.";
|
||||
|
@ -147,11 +152,11 @@ interface S3ClientFactory {
|
|||
awsConf.setProxyDomain(conf.getTrimmed(PROXY_DOMAIN));
|
||||
awsConf.setProxyWorkstation(conf.getTrimmed(PROXY_WORKSTATION));
|
||||
if (LOG.isDebugEnabled()) {
|
||||
LOG.debug("Using proxy server {}:{} as user {} with password {} on " +
|
||||
LOG.debug("Using proxy server {}:{} as user {} on " +
|
||||
"domain {} as workstation {}", awsConf.getProxyHost(),
|
||||
awsConf.getProxyPort(),
|
||||
String.valueOf(awsConf.getProxyUsername()),
|
||||
awsConf.getProxyPassword(), awsConf.getProxyDomain(),
|
||||
awsConf.getProxyDomain(),
|
||||
awsConf.getProxyWorkstation());
|
||||
}
|
||||
} else if (proxyPort >= 0) {
|
||||
|
|
|
@ -175,6 +175,39 @@ public class ITestS3AConfiguration {
|
|||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testProxyPasswordFromCredentialProvider() throws Exception {
|
||||
ClientConfiguration awsConf = new ClientConfiguration();
|
||||
// set up conf to have a cred provider
|
||||
final Configuration conf2 = new Configuration();
|
||||
final File file = tempDir.newFile("test.jks");
|
||||
final URI jks = ProviderUtils.nestURIForLocalJavaKeyStoreProvider(
|
||||
file.toURI());
|
||||
conf2.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH,
|
||||
jks.toString());
|
||||
|
||||
provisionProxyPassword(conf2, "password");
|
||||
|
||||
// let's set the password in config and ensure that it uses the credential
|
||||
// provider provisioned value instead.
|
||||
conf2.set(Constants.PROXY_PASSWORD, "passwordLJM");
|
||||
char[] pwd = conf2.getPassword(Constants.PROXY_PASSWORD);
|
||||
assertNotNull("Proxy password should not retrun null.", pwd);
|
||||
if (pwd != null) {
|
||||
assertEquals("Proxy password override did NOT work.", "password",
|
||||
new String(pwd));
|
||||
}
|
||||
}
|
||||
|
||||
void provisionProxyPassword(final Configuration conf2, String pwd)
|
||||
throws Exception {
|
||||
// add our password to the provider
|
||||
final CredentialProvider provider =
|
||||
CredentialProviderFactory.getProviders(conf2).get(0);
|
||||
provider.createCredentialEntry(Constants.PROXY_PASSWORD, pwd.toCharArray());
|
||||
provider.flush();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testUsernameInconsistentWithPassword() throws Exception {
|
||||
conf = new Configuration();
|
||||
|
|
Loading…
Reference in New Issue