Hadoop HDFS
  1. Hadoop HDFS
  2. HDFS-3460

HttpFS proxyuser validation with Kerberos ON uses full principal name

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: 2.0.0-alpha
    • Fix Version/s: 2.0.2-alpha
    • Component/s: None
    • Labels:
      None
    • Target Version/s:
    • Hadoop Flags:
      Reviewed

      Description

      The HttpFSServer.getEffectiveUser() method uses the principal name for proxy user verification. If the Kerberos is ON and the proxy user is a service principal (NAME/HOST) then the verification fails, instead the short name (just NAME) should be used.

      1. HDFS-3460.patch
        2 kB
        Alejandro Abdelnur

        Activity

        Alejandro Abdelnur created issue -
        Alejandro Abdelnur made changes -
        Field Original Value New Value
        Attachment HDFS-3460.patch [ 12528821 ]
        Alejandro Abdelnur made changes -
        Status Open [ 1 ] Patch Available [ 10002 ]
        Alejandro Abdelnur made changes -
        Fix Version/s 2.0.1-alpha [ 12321440 ]
        Alejandro Abdelnur made changes -
        Target Version/s 2.0.1-alpha [ 12321440 ]
        Alejandro Abdelnur made changes -
        Status Patch Available [ 10002 ] Resolved [ 5 ]
        Hadoop Flags Reviewed [ 10343 ]
        Fix Version/s 2.0.1-alpha [ 12321440 ]
        Resolution Fixed [ 1 ]
        Arun C Murthy made changes -
        Fix Version/s 2.0.2-alpha [ 12322472 ]
        Fix Version/s 2.1.0-alpha [ 12321440 ]
        Arun C Murthy made changes -
        Status Resolved [ 5 ] Closed [ 6 ]

          People

          • Assignee:
            Alejandro Abdelnur
            Reporter:
            Alejandro Abdelnur
          • Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development