hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kan Zhang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-4056) Always start the NN's SecretManager
Date Wed, 17 Oct 2012 00:20:03 GMT

    [ https://issues.apache.org/jira/browse/HDFS-4056?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13477485#comment-13477485

Kan Zhang commented on HDFS-4056:

bq. After this change SIMPLE + SIMPLE will work just as it always has. 

How? If I'm not mistaken, this JIRA tries to make the internal auth always use DIGEST-MD5
(i.e, tokens). SIMPLE auth (i.e., no security) will not be supported for internal auth (e.g.,
when user jobs authenticate to NN).

bq. Based on discussions in HADOOP-8758 and HADOOP-8779, the agreement was to always enable

I'm sorry if I left you with that impression and I realized I didn't make my opinion on whether
tokens should "always" be used clear. I'll add a comment to HADOOP-8779. As I explained above,
I think there is value in keeping the use of tokens optional.
> Always start the NN's SecretManager
> -----------------------------------
>                 Key: HDFS-4056
>                 URL: https://issues.apache.org/jira/browse/HDFS-4056
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>          Components: name-node
>    Affects Versions: 0.23.0, 2.0.0-alpha, 3.0.0
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>         Attachments: HDFS-4056.patch
> To support the ability to use tokens regardless of whether kerberos is enabled, the NN's
secret manager should always be started.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message