Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-7070

JAAS configuration should delegate unknown application names to pre-existing configuration

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 0.22.0, 0.23.0
    • 0.22.0
    • security
    • None
    • Reviewed

    Description

      As reported here: https://issues.cloudera.org/browse/DISTRO-66 it is impossible to use secured Hadoop inside an application that relies on other JAAS configurations. This is because the static initializer of UserGroupInformation replaces the JAAS configuration, but we don't delegate unknown applications up to whatever Configuration was installed previously. The delegation technique seems to be used by JBoss's XMLLoginConfigImpl for example.

      Attachments

        1. hadoop-7070.2.txt
          5 kB
          Todd Lipcon
        2. hadoop-7070.txt
          5 kB
          Todd Lipcon
        3. hadoop-7070.txt
          6 kB
          Todd Lipcon

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-7101 UserGroupInformation.getCurrentUser() fails when called from non-Hadoop JAAS context

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed

          Activity

            People

              tlipcon Todd Lipcon
              tlipcon Todd Lipcon
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: