hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kan Zhang (JIRA)" <j...@apache.org>
Subject [jira] Updated: (HADOOP-6603) Provide workaround for issue with Kerberos not resolving cross-realm principal
Date Thu, 04 Mar 2010 01:49:27 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-6603?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Kan Zhang updated HADOOP-6603:
------------------------------

    Attachment: HADOOP-6603-Y20S-4.patch

uploaded a new patch based on Jakob's patch (not for commit to trunk) 
1. Moved SecurityUtil.java from hdfs to core.
2. Added comments on the possible presence of cross-realm TGT's in the Subject's credential
cache.

> Provide workaround for issue with Kerberos not resolving cross-realm principal
> ------------------------------------------------------------------------------
>
>                 Key: HADOOP-6603
>                 URL: https://issues.apache.org/jira/browse/HADOOP-6603
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>            Reporter: Jakob Homan
>         Attachments: HADOOP-6603-Y20S-2.patch, HADOOP-6603-Y20S-3.patch, HADOOP-6603-Y20S-4.patch,
HADOOP-6603-Y20S.patch
>
>
> Java's SSL-Kerberos implementation does not correctly obtain the principal for cross-realm
principles when clients initiate connections to servers, resulting in the client being unable
to authenticate the server.  We need a work-around until this bug gets fixed.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message