hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron T. Myers (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-8381) Substitute _HOST with hostname for HTTP principals
Date Thu, 10 May 2012 02:26:49 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-8381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13272036#comment-13272036
] 

Aaron T. Myers commented on HADOOP-8381:
----------------------------------------

Hi Benoy, I don't think this patch works as intended. I don't think it makes sense to default
to using the local hostname if no hostname is provided to SecurityUtil#getServerPrincipal(...).
                
> Substitute _HOST with hostname  for HTTP principals 
> ----------------------------------------------------
>
>                 Key: HADOOP-8381
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8381
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: security
>    Affects Versions: 0.22.0
>            Reporter: Benoy Antony
>            Assignee: Benoy Antony
>            Priority: Minor
>             Fix For: 0.22.1
>
>         Attachments: HOST-substitution-spnego.patch
>
>
> SPNEGO based Web Authentication uses HTTP/fqdn@REALM as the kerberos principal for each
host.
> Since it is difficult to modify the config for each host, a substitution feature where
_HOST gets replaced by fqdn is implemented. 
> The task is to provide similar feature for the kerberos principals used for SPNEGO principals

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message