[
https://issues.apache.org/jira/browse/HADOOP-10895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14179328#comment-14179328
]
Yongjun Zhang commented on HADOOP-10895:
----------------------------------------
I just submitted patch rev 001. Hightlight of the changes:
* Since hadoop-auth doesn't have dependency on hadoop-common, we can't access
the usual configuration object from within hadoop-auth. I changed
ConnectionConfigurator from interface to class, and make it carry the info
about whether fallback to pseudo authenticator is enabled.
* I made it the client of this class' responsibility to pass the info to
ConnectionConfiguration.
* I used the same property used for HADOOP-9698 for enabling/disabling the
fallback. The default is that the fallback is disabled.
* Changed many related tests to enable the fallback so the tests work the same
way as before this fix.
Hi [~tucu00], wonder if you will have time to review, I would really appreciate
if you can. Please let me know if not. Thanks.
BTW, Thanks [~rkanter] for some discussion and suggestion.
> HTTP KerberosAuthenticator fallback should have a flag to disable it
> --------------------------------------------------------------------
>
> Key: HADOOP-10895
> URL: https://issues.apache.org/jira/browse/HADOOP-10895
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 2.4.1
> Reporter: Alejandro Abdelnur
> Assignee: Yongjun Zhang
> Priority: Blocker
> Attachments: HADOOP-10895.001.patch
>
>
> Per review feedback in HADOOP-10771, {{KerberosAuthenticator}} and the
> delegation token version coming in with HADOOP-10771 should have a flag to
> disable fallback to pseudo, similarly to the one that was introduced in
> Hadoop RPC client with HADOOP-9698.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
