Description
Ranger-Admin enable security mode should not depend on configuration logdir,
in fact, it should depend on whether hadoop.security.authentication is kerberos.
If the logdir is null, even if Ranger-Admin is set to Kerberos authentication,
the Ranger-Admin would not enable security mode.
By the way, people who read the code will be confused,
because logdir has nothing to do with security of Ranger-Admin.
The code which have problem can be found in Java method EmbeddedServer.start():
if (getConfig("logdir") != null) { String keytab = getConfig(ADMIN_USER_KEYTAB); String principal = null; ...... if (getConfig(AUTHENTICATION_TYPE) != null && getConfig(AUTHENTICATION_TYPE).trim().equalsIgnoreCase(AUTH_TYPE_KERBEROS) && SecureClientLogin.isKerberosCredentialExists(principal, keytab)){ ...... } }
Attachments
Attachments
Issue Links
- is duplicated by
-
RANGER-1280 Currently the ranger-admin will be aborted and couldn't find any error messages in log file when the exception occured. We should get the default value instead of aborted and record the error log.
- Resolved
-
RANGER-1287 Remove code duplication from Java method EmbeddedServer.start()
- Resolved
- links to