Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Invalid
-
1.0.0, 2.0.0-alpha, 3.0.0-alpha1
-
None
Description
In KerberosAuthenticator we construct the principal as follows:
String servicePrincipal = "HTTP/" + KerberosAuthenticator.this.url.getHost();
Seems like we should use the configured hadoop.http.authentication.kerberos.principal instead right?
I hit this issue as a distcp using webhdfs://localhost fails because HTTP/localhost is not in the kerb DB but using webhdfs://eli-thinkpad works because HTTP/eli-thinkpad is (and is my configured principal). distcp using Hftp://localhost with the same config works so it looks like this check is webhdfs specific for some reason (webhdfs is using spnego and hftp is not?).