Xiaoyu Yao created HADOOP-17208:
-----------------------------------
Summary: LoadBalanceKMSClientProvider#deleteKey should
invalidateCache for all the KMSClientProvider instances
Key: HADOOP-17208
URL: https://issues.apache.org/jira/browse/HADOOP-17208
Project: Hadoop Common
Issue Type: Improvement
Affects Versions: 2.8.4
Reporter: Xiaoyu Yao
Assignee: Xiaoyu Yao
Without invalidateCache, the deleted key may still exists in the servers' key
cache (CachingKeyProvider in KMSWebApp.java) where the delete key was not hit.
Client may still be able to access encrypted files by specifying to connect to
KMS instances with a cached version of the deleted key before the cache entry
(10 min by default) expired.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org
