[
https://issues.apache.org/jira/browse/HADOOP-8779?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13478377#comment-13478377
]
Daryn Sharp commented on HADOOP-8779:
-------------------------------------
The RPC client will use DIGEST-MD5 if and only if there's a token in the UGI.
The rpc client used to only look for tokens if auth is kerberos, but
HADOOP-8784 changed the client to always look for tokens regardless of auth
method. I believe your real question, which is legitimate, is whether the job
client chooses to get fs tokens. We can discuss that on this jira because it's
unrelated to HDFS-4056.
> Use tokens regardless of authentication type
> --------------------------------------------
>
> Key: HADOOP-8779
> URL: https://issues.apache.org/jira/browse/HADOOP-8779
> Project: Hadoop Common
> Issue Type: New Feature
> Components: fs, security
> Affects Versions: 3.0.0, 2.0.2-alpha
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
>
> Security is a combination of authentication and authorization (tokens).
> Authorization may be granted independently of the authentication model.
> Tokens should be used regardless of simple or kerberos authentication.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
