[HADOOP-9019] KerberosAuthenticator.doSpnegoSequence(..) should create a HTTP principal with hostname everytime - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Description

in KerberosAuthenticator.doSpnegoSequence(..) following line of code will just create a principal of the form "HTTP/<host>",

            String servicePrincipal = KerberosUtil.getServicePrincipal("HTTP",
                KerberosAuthenticator.this.url.getHost());

but uri.getHost() is not sure of always getting hostname. If uri contains IP, then it just returns IP.

For SPNEGO authentication principal should always be created with <hostname>.

This code should be something like this, which will look /etc/hosts to get hostname

            String hostname = InetAddress.getByName(
                KerberosAuthenticator.this.url.getHost()).getHostName();
String servicePrincipal = KerberosUtil.getServicePrincipal("HTTP",
                hostname);

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Vinayakumar B

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Created:: 08/Nov/12 08:48

Updated:: 19/Nov/12 05:00