[jira] [Commented] (OOZIE-1688) New configuration to specify server-server authentication type.

Thu, 19 Jun 2014 17:33:06 -0700 

    [ 
https://issues.apache.org/jira/browse/OOZIE-1688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14038163#comment-14038163
 ] 

Robert Kanter commented on OOZIE-1688:
--------------------------------------

I was just looking at this again (it's been a while), and I think we should 
make the default value for {{oozie.server.authentication.type}} to be whatever 
is set for {{oozie.authentication.type}} when its either {{simple}} or 
{{kerberos}}.  Otherwise, my concern is that the user will set 
{{oozie.authentication.type}} to {{kerberos}} and not touch the 
{{oozie.server.authentication.type}} property, which defaults to {{simple}}.   
I think in most cases, the user will want them to be the same and most users 
are using {{simple}} or {{kerberos}}; I'd guess that Yahoo! are likely the only 
ones using a custom AuthenticationHandler and Authenticator.

All you'd have to do is put this oozie-site/default:
{noformat}
<property>
    <name>oozie.server.authentication.type</name>
    <value>${oozie.authentication.type}</value>
</property>
{noformat}
If the user puts a classname for the AuthenticationHandler in 
{{oozie.authentication.type}}, then this should throw an Exception already 
because it's the wrong subclass type.  

Thoughts?

> New configuration to specify server-server authentication type.
> ---------------------------------------------------------------
>
>                 Key: OOZIE-1688
>                 URL: https://issues.apache.org/jira/browse/OOZIE-1688
>             Project: Oozie
>          Issue Type: Bug
>          Components: HA
>            Reporter: Purshotam Shah
>            Assignee: Purshotam Shah
>         Attachments: OOZIE-1688-V4.patch, OOZIE-1688-v1.patch, 
> OOZIE-1688-v1.patch, OOZIE-1688-v2.patch, OOZIE-1688-v3.patch, 
> OOZIE-1688.patch
>
>
> Currently conf "oozie.authentication.type" is used by specify authentication 
> type for client-server as well as server-server.
> Client-server and server-server communication can use different type of 
> authentication.
> We need to have  different conf "oozie.server.authentication.type" to specify 
> server-server authentication type.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to