Hadoop Common
  1. Hadoop Common
  2. HADOOP-8346

Changes to support Kerberos with non Sun JVM (HADOOP-6941) broke SPNEGO

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Blocker Blocker
    • Resolution: Fixed
    • Affects Version/s: 1.0.3, 2.0.0-alpha, 3.0.0
    • Fix Version/s: 1.0.3, 0.23.7
    • Component/s: security
    • Labels:
      None

      Description

      before HADOOP-6941 hadoop-auth testcases with Kerberos ON pass, mvn test -PtestKerberos

      after HADOOP-6941 the tests fail with the error below.

      Doing some IDE debugging I've found out that the changes in HADOOP-6941 are making the JVM Kerberos libraries to append an extra element to the kerberos principal of the server (on the client side when creating the token) so HTTP/localhost ends up being HTTP/localhost/localhost. Then, when contacting the KDC to get the granting ticket, the server principal is unknown.

      testAuthenticationPost(org.apache.hadoop.security.authentication.client.TestKerberosAuthenticator)  Time elapsed: 0.053 sec  <<< ERROR!
      org.apache.hadoop.security.authentication.client.AuthenticationException: GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7) - UNKNOWN_SERVER)
      	at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.doSpnegoSequence(KerberosAuthenticator.java:236)
      	at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(KerberosAuthenticator.java:142)
      	at org.apache.hadoop.security.authentication.client.AuthenticatedURL.openConnection(AuthenticatedURL.java:217)
      	at org.apache.hadoop.security.authentication.client.AuthenticatorTestCase._testAuthentication(AuthenticatorTestCase.java:124)
      	at org.apache.hadoop.security.authentication.client.TestKerberosAuthenticator$2.call(TestKerberosAuthenticator.java:77)
      	at org.apache.hadoop.security.authentication.client.TestKerberosAuthenticator$2.call(TestKerberosAuthenticator.java:74)
      	at org.apache.hadoop.security.authentication.KerberosTestUtils$1.run(KerberosTestUtils.java:111)
      	at java.security.AccessController.doPrivileged(Native Method)
      	at javax.security.auth.Subject.doAs(Subject.java:396)
      	at org.apache.hadoop.security.authentication.KerberosTestUtils.doAs(KerberosTestUtils.java:108)
      	at org.apache.hadoop.security.authentication.KerberosTestUtils.doAsClient(KerberosTestUtils.java:124)
      	at org.apache.hadoop.security.authentication.client.TestKerberosAuthenticator.testAuthenticationPost(TestKerberosAuthenticator.java:74)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      	at java.lang.reflect.Method.invoke(Method.java:597)
      	at junit.framework.TestCase.runTest(TestCase.java:168)
      	at junit.framework.TestCase.runBare(TestCase.java:134)
      	at junit.framework.TestResult$1.protect(TestResult.java:110)
      	at junit.framework.TestResult.runProtected(TestResult.java:128)
      	at junit.framework.TestResult.run(TestResult.java:113)
      	at junit.framework.TestCase.run(TestCase.java:124)
      	at junit.framework.TestSuite.runTest(TestSuite.java:243)
      	at junit.framework.TestSuite.run(TestSuite.java:238)
      	at org.junit.internal.runners.JUnit38ClassRunner.run(JUnit38ClassRunner.java:83)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:236)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:134)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:113)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      	at java.lang.reflect.Method.invoke(Method.java:597)
      	at org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:189)
      	at org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:165)
      	at org.apache.maven.surefire.booter.ProviderFactory.invokeProvider(ProviderFactory.java:85)
      	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:103)
      	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:74)
      Caused by: GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7) - UNKNOWN_SERVER)
      	at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:663)
      	at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:230)
      	at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:162)
      	at org.apache.hadoop.security.authentication.client.KerberosAuthenticator$1.run(KerberosAuthenticator.java:215)
      	at org.apache.hadoop.security.authentication.client.KerberosAuthenticator$1.run(KerberosAuthenticator.java:191)
      	at java.security.AccessController.doPrivileged(Native Method)
      	at javax.security.auth.Subject.doAs(Subject.java:396)
      	at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.doSpnegoSequence(KerberosAuthenticator.java:191)
      	... 36 more
      Caused by: KrbException: Server not found in Kerberos database (7) - UNKNOWN_SERVER
      	at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:64)
      	at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:185)
      	at sun.security.krb5.internal.CredentialsUtil.serviceCreds(CredentialsUtil.java:294)
      	at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(CredentialsUtil.java:106)
      	at sun.security.krb5.Credentials.acquireServiceCreds(Credentials.java:575)
      	at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:594)
      	... 43 more
      Caused by: KrbException: Identifier doesn't match expected value (906)
      	at sun.security.krb5.internal.KDCRep.init(KDCRep.java:133)
      	at sun.security.krb5.internal.TGSRep.init(TGSRep.java:58)
      	at sun.security.krb5.internal.TGSRep.<init>(TGSRep.java:53)
      	at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:46)
      
      1. debugger.png
        104 kB
        Alejandro Abdelnur
      2. 8346-trunk.patch
        4 kB
        Devaraj Das
      3. 8346-trunk.patch
        4 kB
        Devaraj Das

        Activity

        Hide
        Eli Collins added a comment -

        Let's revert and re-open HADOOP-6941 since that's dependent on other changes that are not yet complete anyway.

        Show
        Eli Collins added a comment - Let's revert and re-open HADOOP-6941 since that's dependent on other changes that are not yet complete anyway.
        Hide
        Devaraj Das added a comment -

        I'll take a look at this..
        @Alejandro, can you please provide some more detail if you have on where the extra element to the principal is getting added. Thanks!

        Show
        Devaraj Das added a comment - I'll take a look at this.. @Alejandro, can you please provide some more detail if you have on where the extra element to the principal is getting added. Thanks!
        Hide
        Alejandro Abdelnur added a comment -

        @Devaraj,

        trunk, KerberosAuthenticator class, line 200. The servicePrincipal var is 'HTTP/localhost' and if you inspect the created GSSName object you'll find that internally it become 'HTTP/localhost/<CURRENTHOSTNAME>'. Attached you'll see a debug session of it.

        To run the Kerberos testcases in hadoop-auth I do the following:

        create a test.properties file in hadoop-auth/ with the following contents:

        httpfs.authentication.type=kerberos
        httpfs.authentication.kerberos.principal=HTTP/localhost@LOCALHOST
        httpfs.authentication.kerberos.keytab=/Users/tucu/httpfs.keytab
        

        assumes your realm is LOCALHOST, your SPNEGO principal for httpfs is HTTP/localhost and the keytab has that principal in it. also you have to kinit with a user. Then run

        mvn test -PtestKerberos -Dtest=TestKerberosAuthenticator
        
        Show
        Alejandro Abdelnur added a comment - @Devaraj, trunk, KerberosAuthenticator class, line 200. The servicePrincipal var is 'HTTP/localhost' and if you inspect the created GSSName object you'll find that internally it become 'HTTP/localhost/<CURRENTHOSTNAME>'. Attached you'll see a debug session of it. To run the Kerberos testcases in hadoop-auth I do the following: create a test.properties file in hadoop-auth/ with the following contents: httpfs.authentication.type=kerberos httpfs.authentication.kerberos.principal=HTTP/localhost@LOCALHOST httpfs.authentication.kerberos.keytab=/Users/tucu/httpfs.keytab assumes your realm is LOCALHOST, your SPNEGO principal for httpfs is HTTP/localhost and the keytab has that principal in it. also you have to kinit with a user. Then run mvn test -PtestKerberos -Dtest=TestKerberosAuthenticator
        Hide
        Devaraj Das added a comment -

        Reverted back to original oid names.

        Show
        Devaraj Das added a comment - Reverted back to original oid names.
        Hide
        Devaraj Das added a comment -

        Alejandro, can you please check whether the tests pass with this patch. Thanks!

        Show
        Devaraj Das added a comment - Alejandro, can you please check whether the tests pass with this patch. Thanks!
        Hide
        Alejandro Abdelnur added a comment -

        Test passes in a Sun based JVM

        +1. Looks good, just a couple of NITs/suggestions:

        • KerberosAuthentication.java has an unused import 'import java.lang.reflect.Field;'
        • KerberosUtil.java, getOidInstance() the if/else for IBM JVM's, should this check also for Sun in an ifelse and have a follow up else that that throws an exception? Also why the first 2 parameters of getOidInstance() method?, they don't seem used
        Show
        Alejandro Abdelnur added a comment - Test passes in a Sun based JVM +1. Looks good, just a couple of NITs/suggestions: KerberosAuthentication.java has an unused import 'import java.lang.reflect.Field;' KerberosUtil.java, getOidInstance() the if/else for IBM JVM's, should this check also for Sun in an ifelse and have a follow up else that that throws an exception? Also why the first 2 parameters of getOidInstance() method?, they don't seem used
        Hide
        Devaraj Das added a comment -

        Patch with some of the nits from Alejandro addressed. Currently, everywhere we just check for IBM's JDK and in the 'else' part we assume Oracle's. I agree that its better to do an explicit check for Oracle's but I think that can be a follow up (change everywhere in one sweep).

        Show
        Devaraj Das added a comment - Patch with some of the nits from Alejandro addressed. Currently, everywhere we just check for IBM's JDK and in the 'else' part we assume Oracle's. I agree that its better to do an explicit check for Oracle's but I think that can be a follow up (change everywhere in one sweep).
        Hide
        Alejandro Abdelnur added a comment -

        +1, tested again with Sun JVM, still works

        Show
        Alejandro Abdelnur added a comment - +1, tested again with Sun JVM, still works
        Hide
        Matt Foley added a comment -

        Thanks, Devaraj. Please commit to branch-1 and branch-1.0.

        Show
        Matt Foley added a comment - Thanks, Devaraj. Please commit to branch-1 and branch-1.0.
        Hide
        Hadoop QA added a comment -

        -1 overall. Here are the results of testing the latest attachment
        http://issues.apache.org/jira/secure/attachment/12525464/8346-trunk.patch
        against trunk revision .

        +1 @author. The patch does not contain any @author tags.

        +1 tests included. The patch appears to include 1 new or modified test files.

        -1 javadoc. The javadoc tool appears to have generated 2 warning messages.

        +1 javac. The applied patch does not increase the total number of javac compiler warnings.

        +1 eclipse:eclipse. The patch built with eclipse:eclipse.

        +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings.

        +1 release audit. The applied patch does not increase the total number of release audit warnings.

        +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-auth.

        +1 contrib tests. The patch passed contrib unit tests.

        Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/928//testReport/
        Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/928//console

        This message is automatically generated.

        Show
        Hadoop QA added a comment - -1 overall. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12525464/8346-trunk.patch against trunk revision . +1 @author. The patch does not contain any @author tags. +1 tests included. The patch appears to include 1 new or modified test files. -1 javadoc. The javadoc tool appears to have generated 2 warning messages. +1 javac. The applied patch does not increase the total number of javac compiler warnings. +1 eclipse:eclipse. The patch built with eclipse:eclipse. +1 findbugs. The patch does not introduce any new Findbugs (version 1.3.9) warnings. +1 release audit. The applied patch does not increase the total number of release audit warnings. +1 core tests. The patch passed unit tests in hadoop-common-project/hadoop-auth. +1 contrib tests. The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HADOOP-Build/928//testReport/ Console output: https://builds.apache.org/job/PreCommit-HADOOP-Build/928//console This message is automatically generated.
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Hdfs-trunk-Commit #2253 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Commit/2253/)
        HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557)

        Result = SUCCESS
        ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557
        Files :

        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - Integrated in Hadoop-Hdfs-trunk-Commit #2253 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Commit/2253/ ) HADOOP-8346 . Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557) Result = SUCCESS ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Common-trunk-Commit #2179 (See https://builds.apache.org/job/Hadoop-Common-trunk-Commit/2179/)
        HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557)

        Result = SUCCESS
        ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557
        Files :

        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - Integrated in Hadoop-Common-trunk-Commit #2179 (See https://builds.apache.org/job/Hadoop-Common-trunk-Commit/2179/ ) HADOOP-8346 . Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557) Result = SUCCESS ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Devaraj Das added a comment -

        Committed everywhere. Thanks, Alejandro for the test help.

        Show
        Devaraj Das added a comment - Committed everywhere. Thanks, Alejandro for the test help.
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Mapreduce-trunk-Commit #2197 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Commit/2197/)
        HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557)

        Result = ABORTED
        ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557
        Files :

        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - Integrated in Hadoop-Mapreduce-trunk-Commit #2197 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Commit/2197/ ) HADOOP-8346 . Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557) Result = ABORTED ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Hdfs-trunk #1034 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/1034/)
        HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557)

        Result = FAILURE
        ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557
        Files :

        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - Integrated in Hadoop-Hdfs-trunk #1034 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/1034/ ) HADOOP-8346 . Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557) Result = FAILURE ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Mapreduce-trunk #1069 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1069/)
        HADOOP-8346. Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557)

        Result = SUCCESS
        ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557
        Files :

        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
        • /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - Integrated in Hadoop-Mapreduce-trunk #1069 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/1069/ ) HADOOP-8346 . Makes oid changes to make SPNEGO work. Was broken due to fixes introduced by the IBM JDK compatibility patch. Contributed by Devaraj Das. (Revision 1333557) Result = SUCCESS ddas : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1333557 Files : /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java /hadoop/common/trunk/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
        Hide
        Matt Foley added a comment -

        Closed upon release of Hadoop-1.0.3.

        Show
        Matt Foley added a comment - Closed upon release of Hadoop-1.0.3.
        Hide
        Hudson added a comment -

        Integrated in Hadoop-Hdfs-0.23-Build #512 (See https://builds.apache.org/job/Hadoop-Hdfs-0.23-Build/512/)
        HADOOP-8346. Changes to support Kerberos with non Sun JVM (HADOOP-6941) broke SPNEGO (Devaraj Das via tgraves) (Revision 1441227)

        Result = SUCCESS
        tgraves : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1441227
        Files :

        • /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java
        • /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java
        • /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java
        • /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/CHANGES.txt
        Show
        Hudson added a comment - Integrated in Hadoop-Hdfs-0.23-Build #512 (See https://builds.apache.org/job/Hadoop-Hdfs-0.23-Build/512/ ) HADOOP-8346 . Changes to support Kerberos with non Sun JVM ( HADOOP-6941 ) broke SPNEGO (Devaraj Das via tgraves) (Revision 1441227) Result = SUCCESS tgraves : http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1441227 Files : /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/KerberosUtil.java /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestKerberosAuthenticationHandler.java /hadoop/common/branches/branch-0.23/hadoop-common-project/hadoop-common/CHANGES.txt

          People

          • Assignee:
            Devaraj Das
            Reporter:
            Alejandro Abdelnur
          • Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development