[HADOOP-6634] AccessControlList uses full-principal names to verify acls causing queue-acls to fail - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.21.0
Component/s: security
Labels:
None

Hadoop Flags:

Reviewed

Description

ACL configuration so far was using short user-names. With the changed UserGroupInformation, short names are different from the long fully-qualified names. AccessControlList continues to use UserGroupInformation.getUserName() for verifying access control. Because of this, queue acls fail for a user "user@domain.org" even though the short name "user" is part of the acl configuration.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-6634-20100317-ydist.1.txt
19/Mar/10 04:22
4 kB
Vinod Kumar Vavilapalli
HADOOP-6634-20100428.txt
28/Apr/10 07:59
4 kB
Vinod Kumar Vavilapalli

Activity

People

Assignee:: Vinod Kumar Vavilapalli

Reporter:: Vinod Kumar Vavilapalli

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 17/Mar/10 08:56

Updated:: 24/Aug/10 20:42

Resolved:: 29/Apr/10 09:32