[
https://issues.apache.org/jira/browse/HADOOP-10556?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13992793#comment-13992793
]
Hudson commented on HADOOP-10556:
---------------------------------
FAILURE: Integrated in Hadoop-Hdfs-trunk #1751 (See
[https://builds.apache.org/job/Hadoop-Hdfs-trunk/1751/])
HADOOP-10556. [FIXING JIRA NUMBER TYPO] Add toLowerCase support to
auth_to_local rules for service name. (tucu) (tucu:
http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1593107)
* /hadoop/common/trunk/hadoop-common-project/hadoop-common/CHANGES.txt
> Add toLowerCase support to auth_to_local rules for service name
> ---------------------------------------------------------------
>
> Key: HADOOP-10556
> URL: https://issues.apache.org/jira/browse/HADOOP-10556
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 2.4.0
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Fix For: 2.5.0
>
> Attachments: HADOOP-10556.patch, HADOOP-10556.patch
>
>
> When using Vintela to integrate Linux with AD, principals are lowercased. If
> the accounts in AD have uppercase characters (ie FooBar) the Kerberos
> principals have also uppercase characters (ie FooBar/<HOST>). Because of
> this, when a service (Yarn/HDFS) extracts the service name from the Kerberos
> principal (FooBar) and uses it for obtain groups the user is not found
> because via Linux the user FooBar is unknown, it has been converted to foobar.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
