Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-8572

Have the ability to force the use of the login user

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      In Karaf, most of the code is run under the "karaf" user. When a user ssh into Karaf, commands will be executed under that user.
      Deploying hadoop inside Karaf requires that the authenticated Subject has the required hadoop principals set, which forces the reconfiguration of the whole security layer, even at dev time.

      My patch proposes the introduction of a new configuration property hadoop.security.force.login.user which if set to true (it would default to false to keep the current behavior), would force the use of the login user instead of using the authenticated subject (which is what happen when there's no authenticated subject at all). This greatly simplifies the use of hadoop in such environments where security isn't really needed (at dev time).

        Attachments

        1. HADOOP-8572.patch
          2 kB
          Guillaume Nodet

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                gnodet Guillaume Nodet
              • Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated: