hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sunil G (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (YARN-7862) YARN native service REST endpoint needs user.name as query param
Date Wed, 31 Jan 2018 17:18:00 GMT

    [ https://issues.apache.org/jira/browse/YARN-7862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16347205#comment-16347205
] 

Sunil G edited comment on YARN-7862 at 1/31/18 5:17 PM:
--------------------------------------------------------

Thanks [~eyang]

I agree with the last point of sending WWW-Authenticate header etc. But for non-secure mode,
now UI has to send with user.name option. Its not good to send this user.name=dummy value
always from UI in non-secure mode. Because after adding this also, server just skips user.name
value. Since server skips this, i think it should not be marked as mandatory option for non-secure
mode.


was (Author: sunilg):
Thanks [~eyang]

I agree with the last point of sending WWW-Authenticate header etc. But for non-secure mode,
now UI has to send with user.name option. Its not good to send this user.name= some dummy
value always from UI in non-secure mode. Because after adding this also, server just skips.
Since server skips this, it should not be marked as mandatory option for non-secure mode.

> YARN native service REST endpoint needs user.name as query param
> ----------------------------------------------------------------
>
>                 Key: YARN-7862
>                 URL: https://issues.apache.org/jira/browse/YARN-7862
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: yarn-native-services
>            Reporter: Sunil G
>            Priority: Major
>
> While accessing below yarn rest end point with POST method type,
> {code:java}
> http://rm_ip:8088/app/v1/services{code}
> below error is coming in non-secure cluster.
> {noformat}
> {
> "diagnostics": "Null user"
> }{noformat}
> When *user.name* is provided as query param with *dr.who* we can see that yarn started
service with proxy user, not dr.who. 
> In non-secure cluster, native service should ideally take the user from remote ugi.
> in secure cluster, its better to derive user from kerberized shell.
>  
> cc/  [~jianhe] [~eyang]
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message