hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Kanter (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (YARN-4126) RM should not issue delegation tokens in unsecure mode
Date Fri, 21 Oct 2016 17:44:58 GMT

    [ https://issues.apache.org/jira/browse/YARN-4126?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15595819#comment-15595819
] 

Robert Kanter commented on YARN-4126:
-------------------------------------

Oozie had previously been always getting a delegation token, regardless of security.  The
only difference was that in a non-secure cluster, it would use a hardcoded dummy renewer,
and the correct renewer in a secure cluster.  It's been that way for many years so I'm not
sure why it was done that way, but it has been working with both Hadoop 1.x and 2.x.  

> RM should not issue delegation tokens in unsecure mode
> ------------------------------------------------------
>
>                 Key: YARN-4126
>                 URL: https://issues.apache.org/jira/browse/YARN-4126
>             Project: Hadoop YARN
>          Issue Type: Bug
>            Reporter: Jian He
>            Assignee: Bibin A Chundatt
>             Fix For: 2.8.0, 3.0.0-alpha1
>
>         Attachments: 0001-YARN-4126.patch, 0002-YARN-4126.patch, 0003-YARN-4126.patch,
0004-YARN-4126.patch, 0005-YARN-4126.patch, 0006-YARN-4126.patch
>
>
> ClientRMService#getDelegationToken is currently  returning a delegation token in insecure
mode. We should not return the token if it's in insecure mode. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message