Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-11628

SPNEGO auth does not work with CNAMEs in JDK8

          Details

          • Type: Bug
          • Status: Resolved
          • Priority: Blocker
          • Resolution: Fixed
          • Affects Version/s: 2.6.0
          • Fix Version/s: 2.8.0, 3.0.0-alpha1
          • Component/s: security
          • Labels:
          • Target Version/s:

            Description

            Pre-JDK8, GSSName auto-canonicalized the hostname when constructing the principal for SPNEGO. JDK8 no longer does this which breaks the use of user-friendly CNAMEs for services.

              Attachments

                Issue Links

                duplicates

                Bug - A problem which impairs or prevents the functions of the product. HADOOP-11888 bootstrapStandby command broken in JDK1.8 with kerberos

                • Blocker - Blocks development and/or testing work, production could not run
                • Resolved
                Is contained by

                Bug - A problem which impairs or prevents the functions of the product. BIGTOP-2673 Need to back port HADOOP-11628 for JDK8

                • Blocker - Blocks development and/or testing work, production could not run
                • Closed
                is depended upon by

                New Feature - A new feature of the product, which has yet to be developed. HADOOP-11090 [Umbrella] Support Java 8 in Hadoop

                • Major - Major loss of function.
                • Resolved

                  Activity

                    People

                    • Assignee:
                      daryn Daryn Sharp
                      Reporter:
                      daryn Daryn Sharp
                    • Votes:
                      0 Vote for this issue
                      Watchers:
                      18 Start watching this issue

                      Dates

                      • Created:
                        Updated:
                        Resolved: