[
https://issues.apache.org/jira/browse/HADOOP-10771?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alejandro Abdelnur updated HADOOP-10771:
----------------------------------------
Attachment: COMBO.patch
[~atm], thanks for the detailed review. I’ve integrated all your feedback with
2 exceptions:
*Comment #4*,
Yes, this is pre-existing behavior.
This was done ot prevent the kerberos to simple fallback we do in Hadoop RPC
Client.
Looking at the Hadoop RPC client, a 'fallbackAllowed' flag has been added.
We should do the same here. I’ve opened HADOOP-10895, for that.
*Comment #5*,
This is pre-existing behavior.
This is going away soon with the work being done in HADOOP-10791 to support
rolling secrets.
Attaching new patch and a COMBO for test-patch to run.
> Refactor HTTP delegation support out of httpfs to common
> --------------------------------------------------------
>
> Key: HADOOP-10771
> URL: https://issues.apache.org/jira/browse/HADOOP-10771
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Affects Versions: 3.0.0
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Attachments: COMBO.patch, HADOOP-10771.patch, HADOOP-10771.patch,
> HADOOP-10771.sh
>
>
> HttpFS implements delegation token support in {{AuthenticationFilter}} &
> {{AuthenticationHandler}} subclasses.
> For HADOOP-10770 we need similar functionality for KMS.
> Not to duplicate code, we should refactor existing code to common.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
