Details
-
Bug
-
Status: Patch Available
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
org.apache.hadoop.security.authentication.util.KerberosName is in charge of converting a Kerberos principal to a user name in Hadoop for all of the services requiring authentication.
Although the Kerberos spec (https://web.mit.edu/kerberos/krb5-1.5/krb5-1.5.4/doc/krb5-user/What-is-a-Kerberos-Principal_003f.html) allows for an arbitrary number of components in the principal, the Hadoop implementation will throw a "Malformed Kerberos name:" error if the principal has more than two components (because the regex can only read serviceName and hostName).