[HADOOP-8572] Have the ability to force the use of the login user - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Description

In Karaf, most of the code is run under the "karaf" user. When a user ssh into Karaf, commands will be executed under that user.
Deploying hadoop inside Karaf requires that the authenticated Subject has the required hadoop principals set, which forces the reconfiguration of the whole security layer, even at dev time.

My patch proposes the introduction of a new configuration property hadoop.security.force.login.user which if set to true (it would default to false to keep the current behavior), would force the use of the login user instead of using the authenticated subject (which is what happen when there's no authenticated subject at all). This greatly simplifies the use of hadoop in such environments where security isn't really needed (at dev time).

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-8572.patch
07/Jul/12 08:47
2 kB
Guillaume Nodet

Issue Links

is related to

HADOOP-7101 UserGroupInformation.getCurrentUser() fails when called from non-Hadoop JAAS context

Closed

relates to

HADOOP-7977 Allow Hadoop clients and services to run in an OSGi container

Resolved

Activity

People

Assignee:: Unassigned

Reporter:: Guillaume Nodet

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Created:: 06/Jul/12 14:04

Updated:: 22/May/14 08:32