[ https://issues.apache.org/jira/browse/HADOOP-12570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15063174#comment-15063174 ]
Arpit Agarwal commented on HADOOP-12570: ---------------------------------------- bq. If an hdfs-site.xml defined dfs.web.authentication.kerberos.principal, but did not define dfs.namenode.kerberos.internal.spnego.principal, then I think it still would have worked because of the token substitution logic in Configuration#substituteVars. Nice catch Chris! So the reason this works is because hdfs-default.xml is available as a resource in the hadoop-hdfs jar. I'll update the next patch to restore the defaults. > HDFS Secure Mode Documentation updates > -------------------------------------- > > Key: HADOOP-12570 > URL: https://issues.apache.org/jira/browse/HADOOP-12570 > Project: Hadoop Common > Issue Type: Improvement > Components: documentation > Affects Versions: 2.7.1 > Reporter: Arpit Agarwal > Assignee: Arpit Agarwal > Attachments: HDFS-9254.01.patch, HDFS-9254.02.patch, > HDFS-9254.03.patch, HDFS-9254.04.patch > > > Some Kerberos configuration parameters are not documented well enough. -- This message was sent by Atlassian JIRA (v6.3.4#6332)