Hadoop Common
  1. Hadoop Common
  2. HADOOP-8086

KerberosName silently sets defaultRealm to "" if the Kerberos config is not found, it should log a WARN

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 0.23.2, 0.24.0
    • Fix Version/s: 2.0.0-alpha
    • Component/s: security
    • Labels:
      None
    • Hadoop Flags:
      Reviewed
    1. HADOOP-8086.patch
      2 kB
      Alejandro Abdelnur

      Issue Links

        Activity

        Hide
        Alejandro Abdelnur added a comment -

        @Eli, hadoop-auth uses slf4j since alfredo days, the choice was made because of its built-in capability to construct log messages with simple templating.

        Given that is a thin layer on top of log4j, and it is already pulled by Hadoop, I didn't see the need to refactor it to commons-logging.

        Show
        Alejandro Abdelnur added a comment - @Eli, hadoop-auth uses slf4j since alfredo days, the choice was made because of its built-in capability to construct log messages with simple templating. Given that is a thin layer on top of log4j, and it is already pulled by Hadoop, I didn't see the need to refactor it to commons-logging.
        Hide
        Eli Collins added a comment -

        Hey guys, was this tested on a non-kerb config? I get a "Kerberos krb5 configuration not found" warning now every time I use the hadoop command in 2.0-alpha.

        @Todd, yes, hadoop-auth uses slf4j.

        Todd asked why hadoop-auth uses slf4j. Why be inconsistent? I'll file a jira.

        Show
        Eli Collins added a comment - Hey guys, was this tested on a non-kerb config? I get a "Kerberos krb5 configuration not found" warning now every time I use the hadoop command in 2.0-alpha. @Todd, yes, hadoop-auth uses slf4j. Todd asked why hadoop-auth uses slf4j. Why be inconsistent? I'll file a jira.
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Mapreduce-trunk #1041 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1041/)
        HADOOP-8086. KerberosName silently sets defaultRealm to empty if the Kerberos config is not found, it should log a WARN (tucu) (Revision 1310233)

        Result = SUCCESS
        tucu : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1310233
        Files :

        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosName.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - Integrated in Hadoop-Mapreduce-trunk #1041 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1041/ ) HADOOP-8086 . KerberosName silently sets defaultRealm to empty if the Kerberos config is not found, it should log a WARN (tucu) (Revision 1310233) Result = SUCCESS tucu : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1310233 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosName.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Hdfs-trunk #1006 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/1006/)
        HADOOP-8086. KerberosName silently sets defaultRealm to empty if the Kerberos config is not found, it should log a WARN (tucu) (Revision 1310233)

        Result = FAILURE
        tucu : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1310233
        Files :

        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosName.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - Integrated in Hadoop-Hdfs-trunk #1006 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/1006/ ) HADOOP-8086 . KerberosName silently sets defaultRealm to empty if the Kerberos config is not found, it should log a WARN (tucu) (Revision 1310233) Result = FAILURE tucu : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1310233 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosName.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Mapreduce-trunk-Commit #2028 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Commit/2028/)
        HADOOP-8086. KerberosName silently sets defaultRealm to empty if the Kerberos config is not found, it should log a WARN (tucu) (Revision 1310233)

        Result = SUCCESS
        tucu : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1310233
        Files :

        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosName.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - Integrated in Hadoop-Mapreduce-trunk-Commit #2028 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Commit/2028/ ) HADOOP-8086 . KerberosName silently sets defaultRealm to empty if the Kerberos config is not found, it should log a WARN (tucu) (Revision 1310233) Result = SUCCESS tucu : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1310233 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosName.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Common-trunk-Commit #2014 (See https://builds.apache.org/job/Hadoop-Common-trunk-Commit/2014/)
        HADOOP-8086. KerberosName silently sets defaultRealm to empty if the Kerberos config is not found, it should log a WARN (tucu) (Revision 1310233)

        Result = SUCCESS
        tucu : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1310233
        Files :

        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosName.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - Integrated in Hadoop-Common-trunk-Commit #2014 (See https://builds.apache.org/job/Hadoop-Common-trunk-Commit/2014/ ) HADOOP-8086 . KerberosName silently sets defaultRealm to empty if the Kerberos config is not found, it should log a WARN (tucu) (Revision 1310233) Result = SUCCESS tucu : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1310233 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosName.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Hdfs-trunk-Commit #2089 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Commit/2089/)
        HADOOP-8086. KerberosName silently sets defaultRealm to empty if the Kerberos config is not found, it should log a WARN (tucu) (Revision 1310233)

        Result = SUCCESS
        tucu : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1310233
        Files :

        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosName.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - Integrated in Hadoop-Hdfs-trunk-Commit #2089 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Commit/2089/ ) HADOOP-8086 . KerberosName silently sets defaultRealm to empty if the Kerberos config is not found, it should log a WARN (tucu) (Revision 1310233) Result = SUCCESS tucu : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1310233 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosName.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Alejandro Abdelnur added a comment -

        committed to trunk and branch-2

        Show
        Alejandro Abdelnur added a comment - committed to trunk and branch-2
        Hide
        Todd Lipcon added a comment -

        OK. I will pretend that that makes sense, and give a +1 for this patch then.

        Show
        Todd Lipcon added a comment - OK. I will pretend that that makes sense, and give a +1 for this patch then.
        Hide
        Alejandro Abdelnur added a comment -

        @Todd, yes, hadoop-auth uses slf4j. thxs

        Show
        Alejandro Abdelnur added a comment - @Todd, yes, hadoop-auth uses slf4j. thxs
        Hide
        Devaraj K added a comment -

        As per my understanding it is intended because KerberosAuthenticationHandler.java also does the same way in hadoop-auth. Anyway Alejandro can confirm this.

        Show
        Devaraj K added a comment - As per my understanding it is intended because KerberosAuthenticationHandler.java also does the same way in hadoop-auth. Anyway Alejandro can confirm this.
        Hide
        Todd Lipcon added a comment -

        This patch seems to use slf4j, whereas we use commons-logging elsewhere. Is this something particular to the hadoop-auth component? Or just a mistake?

        Show
        Todd Lipcon added a comment - This patch seems to use slf4j, whereas we use commons-logging elsewhere. Is this something particular to the hadoop-auth component? Or just a mistake?
        Hide
        Alejandro Abdelnur added a comment -

        no testcase, it is a log message what this patch adds

        Show
        Alejandro Abdelnur added a comment - no testcase, it is a log message what this patch adds
        Hide
        Hadoop QA added a comment -

        -1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12521479/HADOOP-8086.patch
        against trunk revision .

        +1 @author. The patch does not contain any @author tags.

        -1 tests included. The patch doesn't appear to include any new or modified tests.
        Please justify why no new tests are needed for this patch.
        Also please list what manual steps were performed to verify this patch.

        +1 javadoc. The javadoc tool did not generate any warning messages.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed unit tests in .

        +1 contrib tests. The patch passed contrib unit tests.

        Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/823//testReport/
        Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/823//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - -1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12521479/HADOOP-8086.patch against trunk revision . +1 @author. The patch does not contain any @author tags. -1 tests included. The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. +1 javadoc. The javadoc tool did not generate any warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 eclipse:eclipse. The patch built with eclipse:eclipse. +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed unit tests in . +1 contrib tests. The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/823//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/823//console This message is automatically generated.
        Hide
        Devaraj K added a comment -

        Patch looks good to me, +1(non-binding) for the patch.

        Thanks Alejandro.

        Show
        Devaraj K added a comment - Patch looks good to me, +1(non-binding) for the patch. Thanks Alejandro.

          People

          • Assignee:
            Alejandro Abdelnur
            Reporter:
            Alejandro Abdelnur
          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development