[jira] [Updated] (HADOOP-11017) KMS delegation token secret manager should be able to use zookeeper as store

Fri, 19 Sep 2014 22:25:57 -0700 

     [ 
https://issues.apache.org/jira/browse/HADOOP-11017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Arun Suresh updated HADOOP-11017:
---------------------------------
    Attachment: HADOOP-11017.8.patch

Updating patch, thanks for the multiple reviews [~tucu00]

bq. The if {{authType.equals("sasl")}} has an {{else}} block, it should have an 
else if {{authType.equals("none")}} block and the final else should throw an 
exception.
[~tucu00], I had put a {{Precondition.checkArgument()}} prior to the if black 
to check if {{authType}} is either "none" or "sasl"... guess you might have 
missed it.. I was thinking that should take care of it.

bq.  keep insisting that the following conf setup is not need it. Please check 
using KMS to verify. Also, in case they are needed, they are wrong, the set 
property is always UPDATE_INTERVAL
Agreed [~tucu00].. It should not be there..
But the reason I had kept it there is that, prior to this patch, the 
{{configPrefix}} variable in the section of the code you quoted was actually 
not the same prefix that is stripped by the {{KMSAuthenticationFIlter}}.. it is 
actually the {{AuthenticationHandler}} type. On further going thru the code.. 
it looks like there is no actual need for you don't need to do another prefix 
stripping (Since you probably wont have multiple DelegationTokenHandlers 
configured at the same time i guess).. Anyway, I have removed it.. doesn't seem 
to be breaking anything..

> KMS delegation token secret manager should be able to use zookeeper as store
> ----------------------------------------------------------------------------
>
>                 Key: HADOOP-11017
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11017
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 2.6.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Arun Suresh
>         Attachments: HADOOP-11017.1.patch, HADOOP-11017.2.patch, 
> HADOOP-11017.3.patch, HADOOP-11017.4.patch, HADOOP-11017.5.patch, 
> HADOOP-11017.6.patch, HADOOP-11017.7.patch, HADOOP-11017.8.patch, 
> HADOOP-11017.WIP.patch
>
>
> This will allow supporting multiple KMS instances behind a load balancer.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to