hadoop-common-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Xiaoyu Yao (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HADOOP-13520) Document HADOOP-10158 for multi home/SPN support of HTTP principles
Date Fri, 19 Aug 2016 21:20:20 GMT
Xiaoyu Yao created HADOOP-13520:

             Summary: Document HADOOP-10158 for multi home/SPN support of HTTP principles
                 Key: HADOOP-13520
                 URL: https://issues.apache.org/jira/browse/HADOOP-13520
             Project: Hadoop Common
          Issue Type: Improvement
            Reporter: Xiaoyu Yao
            Assignee: Xiaoyu Yao

With HADOOP-10158, it is possible to load multiple principal names or all HTTP principals
in the key tab by specifying “*” for multi home/realm scenarios where multiple SPNs exist
for HTTP. 

This ticket is opened to 

1) Document the newly supported option * for HTTP principles such as hadoop.http.authentication.kerberos.principal.

2) Change the hadoop.http.authentication.kerberos.principal in core-default.xml from 
    Indicates the Kerberos principal to be used for HTTP endpoint.
    The principal MUST start with 'HTTP/' as per Kerberos HTTP SPNEGO specification.

to save one more configuration key needed.
    Indicates using all the Kerberos principals from hadoop.http.authentication.kerberos.keytab
for Kerberos HTTP SPNEGO authentication, which is needed for multiple interface/SPN scenarios.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: common-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-dev-help@hadoop.apache.org

View raw message