[ACCUMULO-4489] Monitor login for trace viewing should fall back to GENERAL_KERBEROS_KEYTAB to match behavior of trace server - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 1.7.1, 1.7.2
Fix Version/s: 1.7.3, 1.8.1, 2.0.0
Component/s: monitor, trace
Labels:
None

Description

The current kerberos instructions rely on the trace user falling back to the GENERAL_KERBEROS_KEYTAB when kerberos for client access is enabled. This works as expected on the TraceServer, but the Monitor's servlet for viewing traces only uses the trace keytab.

workaround is to use the undocumented trace.token.property.keytab property to specify the appropriate keytab.

Even once the trace user keytab property is documented in ~~ACCUMULO-4488~~, we should make the behavior match that in the TraceServer.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

ACCUMULO-4489.2.patch
06/Oct/16 14:35
1 kB
Sean Busbey
ACCUMULO-4489.1.patch
06/Oct/16 14:25
1 kB
Sean Busbey

Activity

People

Assignee:: Sean Busbey

Reporter:: Sean Busbey

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 06/Oct/16 14:21

Updated:: 17/Oct/16 22:05

Resolved:: 17/Oct/16 22:05

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

0.5h