Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-8346

Changes to support Kerberos with non Sun JVM (HADOOP-6941) broke SPNEGO

Details

    • Bug
    • Status: Closed
    • Blocker
    • Resolution: Fixed
    • 1.0.3, 2.0.0-alpha, 3.0.0-alpha1
    • 1.0.3, 0.23.7
    • security
    • None

    Description

      before HADOOP-6941 hadoop-auth testcases with Kerberos ON pass, mvn test -PtestKerberos

      after HADOOP-6941 the tests fail with the error below.

      Doing some IDE debugging I've found out that the changes in HADOOP-6941 are making the JVM Kerberos libraries to append an extra element to the kerberos principal of the server (on the client side when creating the token) so HTTP/localhost ends up being HTTP/localhost/localhost. Then, when contacting the KDC to get the granting ticket, the server principal is unknown.

      testAuthenticationPost(org.apache.hadoop.security.authentication.client.TestKerberosAuthenticator)  Time elapsed: 0.053 sec  <<< ERROR!
      org.apache.hadoop.security.authentication.client.AuthenticationException: GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7) - UNKNOWN_SERVER)
      	at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.doSpnegoSequence(KerberosAuthenticator.java:236)
      	at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(KerberosAuthenticator.java:142)
      	at org.apache.hadoop.security.authentication.client.AuthenticatedURL.openConnection(AuthenticatedURL.java:217)
      	at org.apache.hadoop.security.authentication.client.AuthenticatorTestCase._testAuthentication(AuthenticatorTestCase.java:124)
      	at org.apache.hadoop.security.authentication.client.TestKerberosAuthenticator$2.call(TestKerberosAuthenticator.java:77)
      	at org.apache.hadoop.security.authentication.client.TestKerberosAuthenticator$2.call(TestKerberosAuthenticator.java:74)
      	at org.apache.hadoop.security.authentication.KerberosTestUtils$1.run(KerberosTestUtils.java:111)
      	at java.security.AccessController.doPrivileged(Native Method)
      	at javax.security.auth.Subject.doAs(Subject.java:396)
      	at org.apache.hadoop.security.authentication.KerberosTestUtils.doAs(KerberosTestUtils.java:108)
      	at org.apache.hadoop.security.authentication.KerberosTestUtils.doAsClient(KerberosTestUtils.java:124)
      	at org.apache.hadoop.security.authentication.client.TestKerberosAuthenticator.testAuthenticationPost(TestKerberosAuthenticator.java:74)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      	at java.lang.reflect.Method.invoke(Method.java:597)
      	at junit.framework.TestCase.runTest(TestCase.java:168)
      	at junit.framework.TestCase.runBare(TestCase.java:134)
      	at junit.framework.TestResult$1.protect(TestResult.java:110)
      	at junit.framework.TestResult.runProtected(TestResult.java:128)
      	at junit.framework.TestResult.run(TestResult.java:113)
      	at junit.framework.TestCase.run(TestCase.java:124)
      	at junit.framework.TestSuite.runTest(TestSuite.java:243)
      	at junit.framework.TestSuite.run(TestSuite.java:238)
      	at org.junit.internal.runners.JUnit38ClassRunner.run(JUnit38ClassRunner.java:83)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:236)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:134)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:113)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      	at java.lang.reflect.Method.invoke(Method.java:597)
      	at org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:189)
      	at org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:165)
      	at org.apache.maven.surefire.booter.ProviderFactory.invokeProvider(ProviderFactory.java:85)
      	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:103)
      	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:74)
      Caused by: GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7) - UNKNOWN_SERVER)
      	at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:663)
      	at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:230)
      	at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:162)
      	at org.apache.hadoop.security.authentication.client.KerberosAuthenticator$1.run(KerberosAuthenticator.java:215)
      	at org.apache.hadoop.security.authentication.client.KerberosAuthenticator$1.run(KerberosAuthenticator.java:191)
      	at java.security.AccessController.doPrivileged(Native Method)
      	at javax.security.auth.Subject.doAs(Subject.java:396)
      	at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.doSpnegoSequence(KerberosAuthenticator.java:191)
      	... 36 more
      Caused by: KrbException: Server not found in Kerberos database (7) - UNKNOWN_SERVER
      	at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:64)
      	at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:185)
      	at sun.security.krb5.internal.CredentialsUtil.serviceCreds(CredentialsUtil.java:294)
      	at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(CredentialsUtil.java:106)
      	at sun.security.krb5.Credentials.acquireServiceCreds(Credentials.java:575)
      	at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:594)
      	... 43 more
      Caused by: KrbException: Identifier doesn't match expected value (906)
      	at sun.security.krb5.internal.KDCRep.init(KDCRep.java:133)
      	at sun.security.krb5.internal.TGSRep.init(TGSRep.java:58)
      	at sun.security.krb5.internal.TGSRep.<init>(TGSRep.java:53)
      	at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:46)
      

      Attachments

        1. 8346-trunk.patch
          4 kB
          Devaraj Das
        2. 8346-trunk.patch
          4 kB
          Devaraj Das
        3. debugger.png
          104 kB
          Alejandro Abdelnur

        Activity

          eli2 Eli Collins added a comment -

          Let's revert and re-open HADOOP-6941 since that's dependent on other changes that are not yet complete anyway.

          eli2 Eli Collins added a comment - Let's revert and re-open HADOOP-6941 since that's dependent on other changes that are not yet complete anyway.
          ddas Devaraj Das added a comment -

          I'll take a look at this..
          @Alejandro, can you please provide some more detail if you have on where the extra element to the principal is getting added. Thanks!

          ddas Devaraj Das added a comment - I'll take a look at this.. @Alejandro, can you please provide some more detail if you have on where the extra element to the principal is getting added. Thanks!

          @Devaraj,

          trunk, KerberosAuthenticator class, line 200. The servicePrincipal var is 'HTTP/localhost' and if you inspect the created GSSName object you'll find that internally it become 'HTTP/localhost/<CURRENTHOSTNAME>'. Attached you'll see a debug session of it.

          To run the Kerberos testcases in hadoop-auth I do the following:

          create a test.properties file in hadoop-auth/ with the following contents:

          httpfs.authentication.type=kerberos
          httpfs.authentication.kerberos.principal=HTTP/localhost@LOCALHOST
          httpfs.authentication.kerberos.keytab=/Users/tucu/httpfs.keytab
          

          assumes your realm is LOCALHOST, your SPNEGO principal for httpfs is HTTP/localhost and the keytab has that principal in it. also you have to kinit with a user. Then run

          mvn test -PtestKerberos -Dtest=TestKerberosAuthenticator
          
          tucu00 Alejandro Abdelnur added a comment - @Devaraj, trunk, KerberosAuthenticator class, line 200. The servicePrincipal var is 'HTTP/localhost' and if you inspect the created GSSName object you'll find that internally it become 'HTTP/localhost/<CURRENTHOSTNAME>'. Attached you'll see a debug session of it. To run the Kerberos testcases in hadoop-auth I do the following: create a test.properties file in hadoop-auth/ with the following contents: httpfs.authentication.type=kerberos httpfs.authentication.kerberos.principal=HTTP/localhost@LOCALHOST httpfs.authentication.kerberos.keytab=/Users/tucu/httpfs.keytab assumes your realm is LOCALHOST, your SPNEGO principal for httpfs is HTTP/localhost and the keytab has that principal in it. also you have to kinit with a user. Then run mvn test -PtestKerberos -Dtest=TestKerberosAuthenticator
          ddas Devaraj Das added a comment -

          Reverted back to original oid names.

          ddas Devaraj Das added a comment - Reverted back to original oid names.
          ddas Devaraj Das added a comment -

          Alejandro, can you please check whether the tests pass with this patch. Thanks!

          ddas Devaraj Das added a comment - Alejandro, can you please check whether the tests pass with this patch. Thanks!

          Test passes in a Sun based JVM

          +1. Looks good, just a couple of NITs/suggestions:

          • KerberosAuthentication.java has an unused import 'import java.lang.reflect.Field;'
          • KerberosUtil.java, getOidInstance() the if/else for IBM JVM's, should this check also for Sun in an ifelse and have a follow up else that that throws an exception? Also why the first 2 parameters of getOidInstance() method?, they don't seem used
          tucu00 Alejandro Abdelnur added a comment - Test passes in a Sun based JVM +1. Looks good, just a couple of NITs/suggestions: KerberosAuthentication.java has an unused import 'import java.lang.reflect.Field;' KerberosUtil.java, getOidInstance() the if/else for IBM JVM's, should this check also for Sun in an ifelse and have a follow up else that that throws an exception? Also why the first 2 parameters of getOidInstance() method?, they don't seem used
          ddas Devaraj Das added a comment -

          Patch with some of the nits from Alejandro addressed. Currently, everywhere we just check for IBM's JDK and in the 'else' part we assume Oracle's. I agree that its better to do an explicit check for Oracle's but I think that can be a follow up (change everywhere in one sweep).

          ddas Devaraj Das added a comment - Patch with some of the nits from Alejandro addressed. Currently, everywhere we just check for IBM's JDK and in the 'else' part we assume Oracle's. I agree that its better to do an explicit check for Oracle's but I think that can be a follow up (change everywhere in one sweep).

          +1, tested again with Sun JVM, still works

          tucu00 Alejandro Abdelnur added a comment - +1, tested again with Sun JVM, still works
          mattf Matthew Foley added a comment -

          Thanks, Devaraj. Please commit to branch-1 and branch-1.0.

          mattf Matthew Foley added a comment - Thanks, Devaraj. Please commit to branch-1 and branch-1.0.
          hadoopqa Hadoop QA added a comment -

          -1 overall. Here are the results of testing the latest attachment
          http://issues.apache.org/jira/secure/attachment/12525464/8346-trunk.patch
          against trunk revision .

          +1 @author. The patch does not contain any @author tags.

          +1 tests included. The patch appears to include 1 new or modified test files.

          -1 javadoc. The javadoc tool appears to have generated 2 warning messages.

          +1 javac. The applied patch does not increase the total number of javac compiler warnings.

          +1 eclipse:eclipse. The patch built with eclipse:eclipse.

          +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings.

          +1 release audit. The applied patch does not increase the total number of release audit warnings.

          +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-auth.

          +1 contrib tests. The patch passed contrib unit tests.

          Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/928//testReport/
          Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/928//console

          This message is automatically generated.

          hadoopqa Hadoop QA added a comment - -1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12525464/8346-trunk.patch against trunk revision . +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 1 new or modified test files. -1 javadoc. The javadoc tool appears to have generated 2 warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 eclipse:eclipse. The patch built with eclipse:eclipse. +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-auth. +1 contrib tests. The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/928//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/928//console This message is automatically generated.
          hudson Hudson added a comment -

          Integrated in Hadoop-Hdfs-trunk-Commit #2253 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Commit/2253/)
          HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557)

          Result = SUCCESS
          ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557
          Files :

          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          hudson Hudson added a comment - Integrated in Hadoop-Hdfs-trunk-Commit #2253 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Commit/2253/ ) HADOOP-8346 . Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557) Result = SUCCESS ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          hudson Hudson added a comment -

          Integrated in Hadoop-Common-trunk-Commit #2179 (See https://builds.apache.org/job/Hadoop-Common-trunk-Commit/2179/)
          HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557)

          Result = SUCCESS
          ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557
          Files :

          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          hudson Hudson added a comment - Integrated in Hadoop-Common-trunk-Commit #2179 (See https://builds.apache.org/job/Hadoop-Common-trunk-Commit/2179/ ) HADOOP-8346 . Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557) Result = SUCCESS ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          ddas Devaraj Das added a comment -

          Committed everywhere. Thanks, Alejandro for the test help.

          ddas Devaraj Das added a comment - Committed everywhere. Thanks, Alejandro for the test help.
          hudson Hudson added a comment -

          Integrated in Hadoop-Mapreduce-trunk-Commit #2197 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Commit/2197/)
          HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557)

          Result = ABORTED
          ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557
          Files :

          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          hudson Hudson added a comment - Integrated in Hadoop-Mapreduce-trunk-Commit #2197 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Commit/2197/ ) HADOOP-8346 . Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557) Result = ABORTED ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          hudson Hudson added a comment -

          Integrated in Hadoop-Hdfs-trunk #1034 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/1034/)
          HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557)

          Result = FAILURE
          ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557
          Files :

          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          hudson Hudson added a comment - Integrated in Hadoop-Hdfs-trunk #1034 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/1034/ ) HADOOP-8346 . Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557) Result = FAILURE ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          hudson Hudson added a comment -

          Integrated in Hadoop-Mapreduce-trunk #1069 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1069/)
          HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557)

          Result = SUCCESS
          ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557
          Files :

          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
          • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          hudson Hudson added a comment - Integrated in Hadoop-Mapreduce-trunk #1069 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1069/ ) HADOOP-8346 . Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557) Result = SUCCESS ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
          mattf Matthew Foley added a comment -

          Closed upon release of Hadoop-1.0.3.

          mattf Matthew Foley added a comment - Closed upon release of Hadoop-1.0.3.
          hudson Hudson added a comment -

          Integrated in Hadoop-Hdfs-0.23-Build #512 (See https://builds.apache.org/job/Hadoop-Hdfs-0.23-Build/512/)
          HADOOP-8346. Changes to support Kerberos with non Sun JVM (HADOOP-6941) broke SPNEGO (Devaraj Das via tgraves) (Revision 1441227)

          Result = SUCCESS
          tgraves : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1441227
          Files :

          • /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
          • /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
          • /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
          • /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/CHANGES.txt
          hudson Hudson added a comment - Integrated in Hadoop-Hdfs-0.23-Build #512 (See https://builds.apache.org/job/Hadoop-Hdfs-0.23-Build/512/ ) HADOOP-8346 . Changes to support Kerberos with non Sun JVM ( HADOOP-6941 ) broke SPNEGO (Devaraj Das via tgraves) (Revision 1441227) Result = SUCCESS tgraves : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1441227 Files : /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/CHANGES.txt

          People

            ddas Devaraj Das
            tucu00 Alejandro Abdelnur
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: