Uploaded image for project: 'Apache Ozone'
  1. Apache Ozone
  2. HDDS-5165

OM DB checkpoint servlet not accessible in a secure cluster

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 1.1.0
    • None
    • OM

    Description

      When security and ACL is enabled, but not spnego, the OMDBCheckpointServlet throws an error:

      10:02:29.094 PM ERROR OMDBCheckpointServlet 
       Permission denied: User principal 'dr.who' does not have access to /dbCheckpoint.
       This can happen when Ozone Manager is started with a different user.
       Please append 'dr.who' to OM 'ozone.administrators' config and restart OM to grant current user access to this endpoint.

      When Spnego is disabled, permissions cannot be checked since HTTP request will not have an identity (kerberos principal) which is causing this error.

      Attachments

        Issue Links

          Activity

            People

              vivekratnavel Vivek Ratnavel Subramanian
              vivekratnavel Vivek Ratnavel Subramanian
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: