hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron T. Myers (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-8381) Substitute _HOST with hostname for HTTP principals
Date Thu, 10 May 2012 02:26:49 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-8381?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13272036#comment-13272036

Aaron T. Myers commented on HADOOP-8381:

Hi Benoy, I don't think this patch works as intended. I don't think it makes sense to default
to using the local hostname if no hostname is provided to SecurityUtil#getServerPrincipal(...).
> Substitute _HOST with hostname  for HTTP principals 
> ----------------------------------------------------
>                 Key: HADOOP-8381
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8381
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: security
>    Affects Versions: 0.22.0
>            Reporter: Benoy Antony
>            Assignee: Benoy Antony
>            Priority: Minor
>             Fix For: 0.22.1
>         Attachments: HOST-substitution-spnego.patch
> SPNEGO based Web Authentication uses HTTP/fqdn@REALM as the kerberos principal for each
> Since it is difficult to modify the config for each host, a substitution feature where
_HOST gets replaced by fqdn is implemented. 
> The task is to provide similar feature for the kerberos principals used for SPNEGO principals

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message