Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-7070

JAAS configuration should delegate unknown application names to pre-existing configuration

Log workAgile BoardRank to TopRank to BottomAttach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskConvert to sub-taskMoveLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 0.22.0, 0.23.0
    • Fix Version/s: 0.22.0
    • Component/s: security
    • Labels:
      None
    • Hadoop Flags:
      Reviewed

      Description

      As reported here: https://issues.cloudera.org/browse/DISTRO-66 it is impossible to use secured Hadoop inside an application that relies on other JAAS configurations. This is because the static initializer of UserGroupInformation replaces the JAAS configuration, but we don't delegate unknown applications up to whatever Configuration was installed previously. The delegation technique seems to be used by JBoss's XMLLoginConfigImpl for example.

        Attachments

        1. hadoop-7070.2.txt
          5 kB
          Todd Lipcon
        2. hadoop-7070.txt
          5 kB
          Todd Lipcon
        3. hadoop-7070.txt
          6 kB
          Todd Lipcon

        Issue Links

          Activity

          $i18n.getText('security.level.explanation', $currentSelection) Viewable by All Users
          Cancel

            People

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment