hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason Lowe (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (YARN-707) Add user info in the YARN ClientToken
Date Tue, 27 Aug 2013 18:07:52 GMT

     [ https://issues.apache.org/jira/browse/YARN-707?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jason Lowe updated YARN-707:
----------------------------

    Attachment: YARN-707-20130827.txt

Patch to change the client-to-AM token user to be the user that requested the token and not
the app submitter or app ID.  It also persists the master key that was handed to the app attempt
when it registered and that was used to generate the token.

Updated the unit tests to verify the key is persisted properly, and also manually tested this
with the patch from MAPREDUCE-5475 to verify appmasters can now perform ACL checks properly
since they can now identify users who connect as clients.
                
> Add user info in the YARN ClientToken
> -------------------------------------
>
>                 Key: YARN-707
>                 URL: https://issues.apache.org/jira/browse/YARN-707
>             Project: Hadoop YARN
>          Issue Type: Improvement
>            Reporter: Bikas Saha
>            Assignee: Jason Lowe
>             Fix For: 3.0.0, 2.1.1-beta
>
>         Attachments: YARN-707-20130822.txt, YARN-707-20130827.txt
>
>
> If user info is present in the client token then it can be used to do limited authz in
the AM.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message