Storm secured config defaults for principal names
Project: http://git-wip-us.apache.org/repos/asf/incubator-slider/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-slider/commit/71a8559d Tree: http://git-wip-us.apache.org/repos/asf/incubator-slider/tree/71a8559d Diff: http://git-wip-us.apache.org/repos/asf/incubator-slider/diff/71a8559d Branch: refs/heads/releases/slider-0.60 Commit: 71a8559da2e80b9581ca938e5433d9313c60e8c8 Parents: a26840e Author: Sumit Mohanty <smoha...@hortonworks.com> Authored: Mon Nov 10 22:34:28 2014 -0800 Committer: Sumit Mohanty <smoha...@hortonworks.com> Committed: Mon Nov 10 22:47:23 2014 -0800 ---------------------------------------------------------------------- app-packages/storm/appConfig-secured-default.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-slider/blob/71a8559d/app-packages/storm/appConfig-secured-default.json ---------------------------------------------------------------------- diff --git a/app-packages/storm/appConfig-secured-default.json b/app-packages/storm/appConfig-secured-default.json index f0eae5c..21d32e5 100644 --- a/app-packages/storm/appConfig-secured-default.json +++ b/app-packages/storm/appConfig-secured-default.json @@ -39,10 +39,10 @@ "site.storm-site.storm.thrift.transport": "backtype.storm.security.auth.kerberos.KerberosSaslTransportPlugin", "site.storm-site.java.security.auth.login.config": "${AGENT_WORK_ROOT}/app/install/apache-storm-${pkg.version}/conf/storm_jaas.conf", "site.storm-site.storm.principal.tolocal": "backtype.storm.security.auth.KerberosPrincipalToLocal", - "site.storm-site.storm.zookeeper.superACL": "PLACE_JAAS_CLIENT_PRINCIPAL_HERE", - "site.storm-site.nimbus.admins": "['${USER_NAME}', 'PLACE_JAAS_STORMCLIENT_PRINCIPAL_HERE']", + "site.storm-site.storm.zookeeper.superACL": "sasl:${USER_NAME}@EXAMPLE.COM", + "site.storm-site.nimbus.admins": "['${USER_NAME}']", "site.storm-site.nimbus.users": "['${USER_NAME}']", - "site.storm-site.nimbus.supervisor.users": "['PLACE_JAAS_STORMCLIENT_PRINCIPAL_HERE']", + "site.storm-site.nimbus.supervisor.users": "['${USER_NAME}']", "site.storm-site.nimubs.authorizer": "backtype.storm.security.auth.authorizer.SimpleACLAuthorizer", "site.storm-site.storm.thrift.transport": "backtype.storm.security.auth.kerberos.KerberosSaslTransportPlugin", "site.storm-site.storm.principal.tolocal": "backtype.storm.security.auth.KerberosPrincipalToLocal", @@ -50,8 +50,8 @@ "site.storm-site.ui.filter.params": "{'type': 'kerberos', 'kerberos.principal': 'HTTP/_HOST', 'kerberos.keytab': '/etc/security/keytabs/spnego.service.keytab', 'kerberos.name.rules': 'RULE:[2:$1@$0]([jt]t@.*EXAMPLE.COM)s/.*/$MAPRED_USER/ RULE:[2:$1@$0]([nd]n@.*EXAMPLE.COM)s/.*/$HDFS_USER/DEFAULT'}", "site.storm-env.kerberos_domain": "EXAMPLE.COM", - "site.storm-env.storm_client_principal_name": "PLACE_JAAS_STORMCLIENT_PRINCIPAL_HERE", - "site.storm-env.storm_server_principal_name": "PLACE_JAAS_STORMSERVER_PRINCIPAL_HERE/_HOST", + "site.storm-env.storm_client_principal_name": "${USER_NAME}@EXAMPLE.COM", + "site.storm-env.storm_server_principal_name": "${USER_NAME}/_h...@example.com", "site.storm-env.storm_client_keytab": "${AGENT_WORK_ROOT}/keytabs/${USER_NAME}.STORM.client.keytab", "site.storm-env.storm_server_keytab": "${AGENT_WORK_ROOT}/keytabs/${USER_NAME}.STORM.nimbus.keytab"