hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Varun Vasudev (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-2656) RM web services authentication filter should add support for proxy user
Date Fri, 10 Oct 2014 15:02:34 GMT

    [ https://issues.apache.org/jira/browse/YARN-2656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14166943#comment-14166943
] 

Varun Vasudev commented on YARN-2656:
-------------------------------------

Thanks for the patch [~zjshen]. 
{quote}
2. Change proxyuser prefix to "yarn.resourcemanager". The other DelegationTokenAuthenticationFilter
use cases take the specific prefix as well instead of the common one "hadoop". The benefit
should be different use cases can have their individual proxyuser setting.
{quote}

I don't think we need to introduce a new variable to configure proxyusers. I think it's reasonable
for now to assume that proxyusers are setup for RPC and REST. I think we should use "hadoop.proxyusers"
instead of introducing "yarn.resourcemanager.proxyusers".

Apart from that the patch looks good to me. Thanks again for all the help!

> RM web services authentication filter should add support for proxy user
> -----------------------------------------------------------------------
>
>                 Key: YARN-2656
>                 URL: https://issues.apache.org/jira/browse/YARN-2656
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: resourcemanager
>            Reporter: Varun Vasudev
>            Assignee: Varun Vasudev
>         Attachments: YARN-2656.3.patch, apache-yarn-2656.0.patch, apache-yarn-2656.1.patch,
apache-yarn-2656.2.patch
>
>
> The DelegationTokenAuthenticationFilter adds support for doAs functionality. The RMAuthenticationFilter
should expose this as well.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message