Andrew Kyle Purtell created PHOENIX-7837:
--------------------------------------------
Summary: SecureUserConnectionsIT install permissive auth_to_local
rules
Key: PHOENIX-7837
URL: https://issues.apache.org/jira/browse/PHOENIX-7837
Project: Phoenix
Issue Type: Sub-task
Components: test
Reporter: Andrew Kyle Purtell
Assignee: Andrew Kyle Purtell
Fix For: 5.4.0, 5.3.1
{{SecureUserConnectionsIT}} brings up an embedded MiniKDC, sets
{{hadoop.security.authentication=kerberos}} and the default realm to
{{{}EXAMPLE.COM{}}}, but never installs any {{{}hadoop.security.auth_to_local
rules{}}}. On a developer workstation holding an active TGT for an unrelated
realm {{KerberosName.getShortName}} has no matching rule to the unrelated realm
and the test fails with {{{}KerberosAuthException{}}}. The fix installs
permissive rules {{RULE:[1:$1] RULE:[2:$1] DEFAULT}} in the test's
{{Configuration}} and also sets them statically on {{{}KerberosName{}}}.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
