hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Kanter (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-10895) HTTP KerberosAuthenticator fallback should have a flag to disable it
Date Thu, 30 Oct 2014 23:07:35 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-10895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14191000#comment-14191000
] 

Robert Kanter commented on HADOOP-10895:
----------------------------------------

Overall it looks fine to me (other than the failed unit tests).  
However, I'm still concerned about disabling this by default.  This is going to break other
components that depend on the fallback behavior.  I think the default should be to allow fallback
with the option of disabling it.  In fact, looking at HADOOP-9698, it looks like it allows
falling back by default too.

> HTTP KerberosAuthenticator fallback should have a flag to disable it
> --------------------------------------------------------------------
>
>                 Key: HADOOP-10895
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10895
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 2.4.1
>            Reporter: Alejandro Abdelnur
>            Assignee: Yongjun Zhang
>            Priority: Blocker
>         Attachments: HADOOP-10895.001.patch, HADOOP-10895.002.patch
>
>
> Per review feedback in HADOOP-10771, {{KerberosAuthenticator}} and the delegation token
version coming in with HADOOP-10771 should have a flag to disable fallback to pseudo, similarly
to the one that was introduced in Hadoop RPC client with HADOOP-9698.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message