[ https://issues.apache.org/jira/browse/HDFS-14129?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16740286#comment-16740286 ]
Surendra Singh Lilhore commented on HDFS-14129: ----------------------------------------------- Thanks [~RANith] for patch. # Correct the property description. # Correct the {{serverPrincipal}} for {{RouterAdminProtocolPB}} and change it to {{RBFConfigKeys#DFS_ROUTER_KERBEROS_PRINCIPAL_KEY}}. Principal key used in {{SaslRpcClient#getServerPrincipal()}} to verify server principal. Currently it will fail if namenode and router principal is different. > RBF: Create new policy provider for router > ------------------------------------------ > > Key: HDFS-14129 > URL: https://issues.apache.org/jira/browse/HDFS-14129 > Project: Hadoop HDFS > Issue Type: Sub-task > Components: namenode > Affects Versions: HDFS-13532 > Reporter: Surendra Singh Lilhore > Assignee: Ranith Sardar > Priority: Major > Attachments: HDFS-14129-HDFS-13891.001.patch, > HDFS-14129-HDFS-13891.002.patch, HDFS-14129-HDFS-13891.003.patch, > HDFS-14129-HDFS-13891.004.patch, HDFS-14129-HDFS-13891.005.patch, > HDFS-14129-HDFS-13891.006.patch, HDFS-14129-HDFS-13891.006.patch, > HDFS-14129-HDFS-13891.007.patch, HDFS-14129-HDFS-13891.008.patch, > HDFS-14129-HDFS-13891.008.patch > > > Router is usingĀ *{{HDFSPolicyProvider}}*. We can't add new protocol in this > class for router, its better to create in policy provider for Router. > {code:java} > // Set service-level authorization security policy > if (conf.getBoolean(HADOOP_SECURITY_AUTHORIZATION, false)) { > this.adminServer.refreshServiceAcl(conf, new HDFSPolicyProvider()); > } > {code} > I got this issue when I am verified HDFS-14079 with secure cluster. > {noformat} > ./bin/hdfs dfsrouteradmin -ls / > ls: Protocol interface org.apache.hadoop.hdfs.protocolPB.RouterAdminProtocol > is not known. > org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException): > Protocol interface org.apache.hadoop.hdfs.protocolPB.RouterAdminProtocol is > not known. > at org.apache.hadoop.ipc.Client.getRpcResponse(Client.java:1520) > at org.apache.hadoop.ipc.Client.call(Client.java:1466) > {noformat} -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org