zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hadoop QA (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-1664) Kerberos auth doesn't work with native platform GSS integration
Date Fri, 06 Sep 2013 14:13:52 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-1664?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13760219#comment-13760219
] 

Hadoop QA commented on ZOOKEEPER-1664:
--------------------------------------

-1 overall.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12573555/ZOOKEEPER-1664.patch
  against trunk revision 1520436.

    +1 @author.  The patch does not contain any @author tags.

    -1 tests included.  The patch doesn't appear to include any new or modified tests.
                        Please justify why no new tests are needed for this patch.
                        Also please list what manual steps were performed to verify this patch.

    -1 patch.  The patch command could not apply the patch.

Console output: https://builds.apache.org/job/PreCommit-ZOOKEEPER-Build/1557//console

This message is automatically generated.
                
> Kerberos auth doesn't work with native platform GSS integration
> ---------------------------------------------------------------
>
>                 Key: ZOOKEEPER-1664
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1664
>             Project: ZooKeeper
>          Issue Type: Bug
>          Components: java client, server
>    Affects Versions: 3.4.5
>         Environment: Linux (and likely also Solaris).
>            Reporter: Boaz Kelmer
>         Attachments: ZOOKEEPER-1664.patch
>
>
> Java on Linux/Solaris can be set up to use the native (via C library)
> GSS implementation. This is configured by setting the system property
>    sun.security.jgss.native=true
> When using this feature, ZooKeeper Sasl/JGSS authentication doesn't work.
> The reason is explained in
> http://docs.oracle.com/javase/6/docs/technotes/guides/security/jgss/jgss-features.html
> """
> [when using native GSS...]
> In addition, when performing operations as a particular Subject, e.g. 
> Subject.doAs(...) or Subject.doAsPrivileged(...), the to-be-used 
> GSSCredential should be added to Subject's private credential set. 
> Otherwise, the GSS operations will fail since no credential is found.
> """

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message