Uploaded image for project: 'Flink'
  1. Flink
  2. FLINK-5949

Flink on YARN checks for Kerberos credentials for non-Kerberos authentication methods

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 1.2.0
    • Fix Version/s: 1.2.1, 1.3.0
    • Component/s: Security, YARN
    • Labels:
      None

      Description

      Reported in ML: http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/Flink-Yarn-and-MapR-Kerberos-issue-td11996.html

      The problem is that the Flink on YARN client incorrectly assumes UserGroupInformation.isSecurityEnabled() returns true only for Kerberos authentication modes, whereas it actually returns true for other kinds of authentications too.

      We could make use of UserGroupInformation.getAuthenticationMethod() to check for KERBEROS only.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                tzulitai Tzu-Li (Gordon) Tai
                Reporter:
                tzulitai Tzu-Li (Gordon) Tai
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: