Details
-
Bug
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
1.2.0
-
None
Description
A user reported [1] that the JobManager does not start when using Flink with Hadoop-2.7.0-mapr-1607 and no security activated because of
javax.security.auth.login.LoginException: Unable to obtain Principal Name for authentication
at com.sun.security.auth.module.Krb5LoginModule.promptForName(Krb5LoginModule.java:841)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:704)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617)
It seems that this Hadoop version always tries to login via Kerberos even though the user did not activate it and, thus, should use AuthenticationMode.SIMPLE.
I'm not really familiar with the security feature, but my understanding is that it should not have any effect on Flink when not activated. I might be wrong here, but if not, then we should fix this problem for 1.2.0 because it prevents people from using Flink.
[1] http://apache-flink-mailing-list-archive.1008284.n3.nabble.com/Flink-using-Yarn-on-MapR-td14484.html
Attachments
Issue Links
- is related to
-
FLINK-5364 Rework JAAS configuration to support user-supplied entries
- Closed
-
FLINK-5361 Flink shouldn't require Kerberos credentials
- Closed
- links to