[
https://issues.apache.org/jira/browse/HADOOP-18704?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17713757#comment-17713757
]
Steve Loughran commented on HADOOP-18704:
-----------------------------------------
this is going to be up to the yarn/hdfs team to worry about *I will not review*
what I would suggest, however, is that the list of users allowed to
authenticate with simple auth is part of the config, so you can restrict the
exposure of this *very dangerous* feature.
> Support a "permissive" mode for secure clusters to allow "simple" auth clients
> ------------------------------------------------------------------------------
>
> Key: HADOOP-18704
> URL: https://issues.apache.org/jira/browse/HADOOP-18704
> Project: Hadoop Common
> Issue Type: Improvement
> Components: ipc
> Affects Versions: 3.4.0, 2.10.3, 3.2.5, 3.3.6
> Reporter: Ravi Kishore Valeti
> Priority: Minor
>
> Similar to HBASE-14700, would like to add support for Secure Server to
> fallback to simple auth for non-secure clients.
> Secure Hadoop to support a permissive mode to allow mixed secure and insecure
> clients. This allows clients to be incrementally migrated over to a secure
> configuration. To enable clients to continue to connect using SIMPLE
> authentication when the cluster is configured for security, set
> "hadoop.ipc.server.fallback-to-simple-auth-allowed" equal to "true" in
> hdfs-site.xml. NOTE: This setting should ONLY be used as a temporary measure
> while converting clients over to secure authentication. It MUST BE DISABLED
> for secure operation.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
