Hadoop Map/Reduce
  1. Hadoop Map/Reduce
  2. MAPREDUCE-1516

JobTracker should issue a delegation token only for kerberos authenticated client

    Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.22.0
    • Component/s: None
    • Labels:
      None

      Description

      Delegation tokens should be issued only if the client is kerberos authenticated.

      1. MR-1516.9.patch
        8 kB
        Jitendra Nath Pandey
      2. MR-1516.8.patch
        8 kB
        Jitendra Nath Pandey
      3. MR-1516.3.patch
        9 kB
        Jitendra Nath Pandey
      4. MR-1516.2.patch
        8 kB
        Jitendra Nath Pandey
      5. MR-1516.1.patch
        8 kB
        Jitendra Nath Pandey
      6. ASF.LICENSE.NOT.GRANTED--MR-1516.6.patch
        9 kB
        Jitendra Nath Pandey
      7. ASF.LICENSE.NOT.GRANTED--MR-1516.5.patch
        9 kB
        Jitendra Nath Pandey
      8. ASF.LICENSE.NOT.GRANTED--MR-1516.4.patch
        9 kB
        Jitendra Nath Pandey

        Issue Links

          Activity

          Hide
          Jitendra Nath Pandey added a comment -

          tests, test-patch, findbugs, javadoc and javac warnings were run manually.

          Show
          Jitendra Nath Pandey added a comment - tests, test-patch, findbugs, javadoc and javac warnings were run manually.
          Hide
          Jitendra Nath Pandey added a comment -

          New patch uploaded accommodating the interface changes in HADOOP-6580

          Show
          Jitendra Nath Pandey added a comment - New patch uploaded accommodating the interface changes in HADOOP-6580
          Hide
          Jitendra Nath Pandey added a comment -

          Updated patch re-based against latest trunk.

          Show
          Jitendra Nath Pandey added a comment - Updated patch re-based against latest trunk.
          Hide
          Jitendra Nath Pandey added a comment -

          MR-1516.4.patch is submitted for hudson tests.

          Show
          Jitendra Nath Pandey added a comment - MR-1516.4.patch is submitted for hudson tests.
          Hide
          Boris Shkolnik added a comment -

          1. having two asserts doesn't make sense:
          Assert.assertTrue(token != null);
          Assert.fail("Delegation token should not be issued without Kerberos authentication");

          otherwise looks good.

          Show
          Boris Shkolnik added a comment - 1. having two asserts doesn't make sense: Assert.assertTrue(token != null); Assert.fail("Delegation token should not be issued without Kerberos authentication"); otherwise looks good.
          Hide
          Jitendra Nath Pandey added a comment -

          New patch addressing the comment.

          Show
          Jitendra Nath Pandey added a comment - New patch addressing the comment.
          Hide
          Jitendra Nath Pandey added a comment -

          test-patch results

          [exec] +1 overall.
          [exec]
          [exec] +1 @author. The patch does not contain any @author tags.
          [exec]
          [exec] +1 tests included. The patch appears to include 3 new or modified tests.
          [exec]
          [exec] +1 javadoc. The javadoc tool did not generate any warning messages.
          [exec]
          [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings.
          [exec]
          [exec] +1 findbugs. The patch does not introduce any new Findbugs warnings.
          [exec]
          [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings.

          Show
          Jitendra Nath Pandey added a comment - test-patch results [exec] +1 overall. [exec] [exec] +1 @author. The patch does not contain any @author tags. [exec] [exec] +1 tests included. The patch appears to include 3 new or modified tests. [exec] [exec] +1 javadoc. The javadoc tool did not generate any warning messages. [exec] [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings. [exec] [exec] +1 findbugs. The patch does not introduce any new Findbugs warnings. [exec] [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings.
          Hide
          Jitendra Nath Pandey added a comment -

          I ran ant tests. All tests passed except TestMiniMRChildTask, which also fails without this patch.

          Show
          Jitendra Nath Pandey added a comment - I ran ant tests. All tests passed except TestMiniMRChildTask, which also fails without this patch.
          Hide
          Devaraj Das added a comment -

          Sigh .. I wish we hadn't duplicated the methods isAllowedDelegationTokenOp and getConnectionAuthenticationMethod in MR and HDFS, and instead defined something that would address what the methods provide in Common. Could you please take care of this..

          Show
          Devaraj Das added a comment - Sigh .. I wish we hadn't duplicated the methods isAllowedDelegationTokenOp and getConnectionAuthenticationMethod in MR and HDFS, and instead defined something that would address what the methods provide in Common. Could you please take care of this..
          Hide
          Jitendra Nath Pandey added a comment -

          New patch uploaded

          test-patch results

          [exec] +1 overall.
          [exec]
          [exec] +1 @author. The patch does not contain any @author tags.
          [exec]
          [exec] +1 tests included. The patch appears to include 3 new or modified tests.
          [exec]
          [exec] +1 javadoc. The javadoc tool did not generate any warning messages.
          [exec]
          [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings.
          [exec]
          [exec] +1 findbugs. The patch does not introduce any new Findbugs warnings.
          [exec]
          [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings.

          Show
          Jitendra Nath Pandey added a comment - New patch uploaded test-patch results [exec] +1 overall. [exec] [exec] +1 @author. The patch does not contain any @author tags. [exec] [exec] +1 tests included. The patch appears to include 3 new or modified tests. [exec] [exec] +1 javadoc. The javadoc tool did not generate any warning messages. [exec] [exec] +1 javac. The applied patch does not increase the total number of javac compiler warnings. [exec] [exec] +1 findbugs. The patch does not introduce any new Findbugs warnings. [exec] [exec] +1 release audit. The applied patch does not increase the total number of release audit warnings.
          Hide
          Jitendra Nath Pandey added a comment -

          ant test was run manually. All tests pass except TestMiniMRChildTask, which also fails without this patch.

          Show
          Jitendra Nath Pandey added a comment - ant test was run manually. All tests pass except TestMiniMRChildTask, which also fails without this patch.
          Hide
          Devaraj Das added a comment -

          I just committed the changes in JobTracker.java to the trunk. Although the testcase validates the patch, I didn't commit the testcase since it seems difficult to maintain this testcase in the long run (it switches the authentication method from simple to kerberos in the middle of the testcase).

          Show
          Devaraj Das added a comment - I just committed the changes in JobTracker.java to the trunk. Although the testcase validates the patch, I didn't commit the testcase since it seems difficult to maintain this testcase in the long run (it switches the authentication method from simple to kerberos in the middle of the testcase).

            People

            • Assignee:
              Jitendra Nath Pandey
              Reporter:
              Jitendra Nath Pandey
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development