Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-3460

HttpFS proxyuser validation with Kerberos ON uses full principal name

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 2.0.0-alpha
    • 2.0.2-alpha
    • None
    • None
    • Reviewed

    Description

      The HttpFSServer.getEffectiveUser() method uses the principal name for proxy user verification. If the Kerberos is ON and the proxy user is a service principal (NAME/HOST) then the verification fails, instead the short name (just NAME) should be used.

      Attachments

        1. HDFS-3460.patch
          2 kB
          Alejandro Abdelnur

        Activity

          People

            tucu00 Alejandro Abdelnur
            tucu00 Alejandro Abdelnur
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: