hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zhijie Shen (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (YARN-2049) Delegation token stuff for the timeline sever
Date Mon, 12 May 2014 22:00:16 GMT

     [ https://issues.apache.org/jira/browse/YARN-2049?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Zhijie Shen updated YARN-2049:

    Attachment: YARN-2049.1.patch

In this patch, I implemented the delegation token service via HTTP protocol by leveraging
the hadoop-auth modules, and I significantly referred to  the design of the delegation token
service of HttpFS.

1. Make the TimelineDelegationTokenIdenifier and secretManager as usual.
2. Extend the KerberosAuthenticationFilter and KerberosAuthenticationHandler to accept authentication
based either the kerberos principle or the delegation token.
3. Extend KerberosAuthenticator to encapsulate DT based communication, and add the APIs to
get/renew/cancel DT.
4. Modify the web stack to enable SPNEGO for the timeline server, and make secret manager
service callable from the filter.
5. Fix the test cases accordingly.

This patch is only compilable based on YARN-1938 and HADOOP-10596

> Delegation token stuff for the timeline sever
> ---------------------------------------------
>                 Key: YARN-2049
>                 URL: https://issues.apache.org/jira/browse/YARN-2049
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Zhijie Shen
>            Assignee: Zhijie Shen
>         Attachments: YARN-2049.1.patch

This message was sent by Atlassian JIRA

View raw message