hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron T. Myers (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-3433) GetImageServlet should allow administrative requestors when security is enabled
Date Thu, 17 May 2012 07:51:06 GMT

     [ https://issues.apache.org/jira/browse/HDFS-3433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Aaron T. Myers updated HDFS-3433:

    Attachment: HDFS-3433.patch

Here's a patch which addresses the issue. The ACL which is already used to allow admin access
to other HTTP servlets is extended to also allow access to the GetImage servlet.

In addition to the automated test, I also tested this manually on a secure cluster, by ensuring
my principal could not fetch the fsimage without the ACL in place, then adding my principal
to the ACL and ensuring it then worked. I also made sure that checkpointing still worked both
with and without the ACL in place.
> GetImageServlet should allow administrative requestors when security is enabled
> -------------------------------------------------------------------------------
>                 Key: HDFS-3433
>                 URL: https://issues.apache.org/jira/browse/HDFS-3433
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: name-node
>    Affects Versions: 2.0.0
>            Reporter: Aaron T. Myers
>            Assignee: Aaron T. Myers
>         Attachments: HDFS-3433.patch
> Currently the GetImageServlet only allows the NN and checkpointing nodes to connect.
Since we now have the fetchImage command in DFSAdmin, we should also allow administrative
requests as well.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message