[ https://issues.apache.org/jira/browse/HADOOP-8779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13478377#comment-13478377 ]
Daryn Sharp commented on HADOOP-8779: ------------------------------------- The RPC client will use DIGEST-MD5 if and only if there's a token in the UGI. The rpc client used to only look for tokens if auth is kerberos, but HADOOP-8784 changed the client to always look for tokens regardless of auth method. I believe your real question, which is legitimate, is whether the job client chooses to get fs tokens. We can discuss that on this jira because it's unrelated to HDFS-4056. > Use tokens regardless of authentication type > -------------------------------------------- > > Key: HADOOP-8779 > URL: https://issues.apache.org/jira/browse/HADOOP-8779 > Project: Hadoop Common > Issue Type: New Feature > Components: fs, security > Affects Versions: 3.0.0, 2.0.2-alpha > Reporter: Daryn Sharp > Assignee: Daryn Sharp > > Security is a combination of authentication and authorization (tokens). > Authorization may be granted independently of the authentication model. > Tokens should be used regardless of simple or kerberos authentication. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira