[HADOOP-10070] RPC client doesn't use per-connection conf to determine server's expected Kerberos principal name - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.2.0
Fix Version/s: 2.4.0
Component/s: security
Labels:
None

Target Version/s:

2.4.0
Hadoop Flags:

Reviewed

Description

Currently, RPC client caches the Configuration object that was passed in to its constructor and uses that same conf for every connection it sets up thereafter. This can cause problems when security is enabled if the Configuration object provided when the first RPC connection was made does not contain all possible entries for all server principals that will later be used by subsequent connections. When this happens, it will result in later RPC connections incorrectly failing with the error "Failed to specify server's Kerberos principal name" even though the principal name was specified in the Configuration object provided on later RPC connection attempts.

I believe this means that we've inadvertently reintroduced ~~HADOOP-6907~~.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

TestKerberosClient.java
25/Oct/13 02:10
2 kB
Aaron Myers
HADOOP-10070.patch
25/Oct/13 02:12
5 kB
Aaron Myers
HADOOP-10070.patch
11/Feb/14 03:35
7 kB
Aaron Myers

Activity

People

Assignee:: Aaron Myers

Reporter:: Aaron Myers

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Dates

Created:: 25/Oct/13 01:46

Updated:: 04/Sep/14 01:16

Resolved:: 04/Mar/14 18:54