Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
-
None
Description
Today there are multiple integration issues when an application (particularly, distcp) access both secure and insecure clusters (e.g., HDFS-6776 / HDFS-7036)
There are four use cases in this scenario:
- Secure <-> Secure. Works.
- Insecure <-> Insecure. Works.
- Accessing secure clusters from insecure client. Will not work as expected. The insecure client won't be able to be authenticated with the secure client, otherwise it is a security vulnerability.
- Accessing insecure clusters from secure client. Currently it will not work as the secure client won't be able to obtain a delegation token from the insecure cluster.
This jira proposes to fix the last use case.