hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bob Hansen (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HDFS-10451) libhdfs++: Look up kerberos principal by username
Date Mon, 23 May 2016 13:26:12 GMT
Bob Hansen created HDFS-10451:
---------------------------------

             Summary: libhdfs++: Look up kerberos principal by username
                 Key: HDFS-10451
                 URL: https://issues.apache.org/jira/browse/HDFS-10451
             Project: Hadoop HDFS
          Issue Type: Sub-task
            Reporter: Bob Hansen


SaslProtocol::Negotiate passes the user name directly to the sasl_engine for authentication;
the SASL engines require that.

HDFS maps princpals to usernames by stripping off the realm and hostname.  We should query
the ccache for all available tickets, and find the one that best matches the passed-in username
using the HDFS semantics.  e.g. if the username is client1, and we have a ticket for client1/machine1.foo.com@FOO.COM,
we should use that ticket.

If multiple tickets match, the one that most exactly matches the username (host, realm) should
be used.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org


Mime
View raw message