Details

    • Type: Sub-task Sub-task
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 0.22.0
    • Fix Version/s: 0.21.0
    • Component/s: security
    • Labels:
      None

      Description

      The default value of "hadoop.security.authentication" is "kerberos". It makes sense for that to be "simple" since not all users have kerberos infrastructure set up, and it is inconvenient to have it set it to "simple" manually.

      1. 6538-bp20.patch
        1 kB
        Devaraj Das
      2. h-6538.patch
        1 kB
        Devaraj Das
      3. h-6538.patch
        1 kB
        Devaraj Das
      4. h-6538.patch
        0.5 kB
        Devaraj Das

        Activity

        Hide
        Devaraj Das added a comment -

        Patch for an earlier version of Hadoop. Not for commit.

        Show
        Devaraj Das added a comment - Patch for an earlier version of Hadoop. Not for commit.
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Common-trunk #242 (See http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk/242/)
        . Sets hadoop.security.authentication to simple by default. Contributed by Devaraj Das.

        Show
        Hudson added a comment - Integrated in Hadoop-Common-trunk #242 (See http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk/242/ ) . Sets hadoop.security.authentication to simple by default. Contributed by Devaraj Das.
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Common-trunk-Commit #157 (See http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk-Commit/157/)
        . Sets hadoop.security.authentication to simple by default. Contributed by Devaraj Das.

        Show
        Hudson added a comment - Integrated in Hadoop-Common-trunk-Commit #157 (See http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk-Commit/157/ ) . Sets hadoop.security.authentication to simple by default. Contributed by Devaraj Das.
        Hide
        Devaraj Das added a comment -

        I just committed this.

        Show
        Devaraj Das added a comment - I just committed this.
        Hide
        Hadoop QA added a comment -

        -1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12434773/h-6538.patch
        against trunk revision 906177.

        +1 @author. The patch does not contain any @author tags.

        -1 tests included. The patch doesn't appear to include any new or modified tests.
        Please justify why no new tests are needed for this patch.
        Also please list what manual steps were performed to verify this patch.

        +1 javadoc. The javadoc tool did not generate any warning messages.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 findbugs. The patch does not introduce any new Findbugs warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed core unit tests.

        +1 contrib tests. The patch passed contrib unit tests.

        Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/327/testReport/
        Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/327/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
        Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/327/artifact/trunk/build/test/checkstyle-errors.html
        Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/327/console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - -1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12434773/h-6538.patch against trunk revision 906177. +1 @author. The patch does not contain any @author tags. -1 tests included. The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 findbugs. The patch does not introduce any new Findbugs warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed core unit tests. +1 contrib tests. The patch passed contrib unit tests. Test results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/327/testReport/ Findbugs warnings: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/327/artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html Checkstyle results: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/327/artifact/trunk/build/test/checkstyle-errors.html Console output: http://hudson.zones.apache.org/hudson/job/Hadoop-Patch-h4.grid.sp2.yahoo.net/327/console This message is automatically generated.
        Hide
        Devaraj Das added a comment -

        ant tests passed with the last patch. test-patch passed with the last patch but it complained about "no tests included". I manually tested the patch by checking that in mapreduce, without setting any config for authentication, the value of the parameter is "simple" with this modified common jar. I will commit this.

        Show
        Devaraj Das added a comment - ant tests passed with the last patch. test-patch passed with the last patch but it complained about "no tests included". I manually tested the patch by checking that in mapreduce, without setting any config for authentication, the value of the parameter is "simple" with this modified common jar. I will commit this.
        Hide
        Devaraj Das added a comment -

        retrying hudson

        Show
        Devaraj Das added a comment - retrying hudson
        Hide
        Todd Lipcon added a comment -

        +1, looks good to me pending hudson. Thanks for the changes.

        Show
        Todd Lipcon added a comment - +1, looks good to me pending hudson. Thanks for the changes.
        Hide
        Devaraj Das added a comment -

        Argh!! Stupid of me. Updated patch.

        Show
        Devaraj Das added a comment - Argh!! Stupid of me. Updated patch.
        Hide
        Todd Lipcon added a comment -

        The description in the XML still reads "Is service-level authorization enabled?" which is copied from the conf item above. It should instead describe the options "simple" vs "kerberos"

        Show
        Todd Lipcon added a comment - The description in the XML still reads "Is service-level authorization enabled?" which is copied from the conf item above. It should instead describe the options "simple" vs "kerberos"
        Hide
        Devaraj Das added a comment -

        Thanks for catching that, Todd. Attached the updated patch.

        Show
        Devaraj Das added a comment - Thanks for catching that, Todd. Attached the updated patch.
        Hide
        Todd Lipcon added a comment -

        The documentation in the XML looks wrong - it's copied from the setting above.

        Also, the code in UserGroupInformation should be updated to reflect this default (right now it defaults to kerberos)

        Show
        Todd Lipcon added a comment - The documentation in the XML looks wrong - it's copied from the setting above. Also, the code in UserGroupInformation should be updated to reflect this default (right now it defaults to kerberos)
        Hide
        Kan Zhang added a comment -

        +1 on the patch. I think it's good to default to no authentication.

        Show
        Kan Zhang added a comment - +1 on the patch. I think it's good to default to no authentication.
        Hide
        Devaraj Das added a comment -

        Straightforward patch.

        Show
        Devaraj Das added a comment - Straightforward patch.

          People

          • Assignee:
            Devaraj Das
            Reporter:
            Devaraj Das
          • Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development