hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eli Collins (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-8857) hadoop.http.authentication.signature.secret.file should be created if the configured file does not exist
Date Thu, 27 Sep 2012 05:29:07 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-8857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13464457#comment-13464457
] 

Eli Collins commented on HADOOP-8857:
-------------------------------------

Also, the documentation refers to the config as "signature.secret" not "signature.secret.file".
It should also mention that it should be created on each host in the cluster that runs an
auth-enabled Web UI.


                
> hadoop.http.authentication.signature.secret.file should be created if the configured
file does not exist
> --------------------------------------------------------------------------------------------------------
>
>                 Key: HADOOP-8857
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8857
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 2.0.0-alpha
>            Reporter: Eli Collins
>            Priority: Minor
>
> AuthenticationFilterInitializer#initFilter fails if the configured {{hadoop.http.authentication.signature.secret.file}}
does not exist, eg:
> {noformat}
> java.lang.RuntimeException: Could not read HTTP signature secret file: /var/lib/hadoop-hdfs/hadoop-http-auth-signature-secret
> {noformat}
> Creating /var/lib/hadoop-hdfs/hadoop-http-auth-signature-secret (populated with a string)
fixes the issue. Per the auth docs "If a secret is not provided a random secret is generated
at start up time.", which sounds like it means the file should be generated at startup with
a random secrete, which doesn't seem to be the case. Also the instructions in the docs should
be more clear in this regard.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message