[jira] [Commented] (HDFS-14052) RBF: Use Router keytab for WebHDFS

Mon, 25 Feb 2019 11:03:32 -0800 


    [ 
https://issues.apache.org/jira/browse/HDFS-14052?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16777209#comment-16777209
 ] 

Brahma Reddy Battula commented on HDFS-14052:
---------------------------------------------

Thanks for updating the test. Apart from following nits rest lgtm.

Can we extract to common method do like following and Change 
RouterWebHDFSContract#createCluster(org.apache.hadoop.conf.Configuration) to 
throw cause instead of common message(Since cause will be different for both 
the cases.).

 
{code:java}
@Test
public void testStartupWithoutSpnegoPrincipal() throws Exception {
 testCluster(DFS_WEB_AUTHENTICATION_KERBEROS_PRINCIPAL_KEY,"Unable to 
initialize WebAppContext");
}
@Test
public void testStartupWithoutKeytab() throws Exception {
 testCluster(DFS_ROUTER_KEYTAB_FILE_KEY,"Running in secure mode, but config 
doesn't have a keytab");
}
private void testCluster(String dfsWebAuthenticationKerberosPrincipalKey,String 
message) throws Exception { 
Configuration conf = initSecurity();
conf.unset(dfsWebAuthenticationKerberosPrincipalKey); 
exceptionRule.expect(IOException.class); 
exceptionRule.expectMessage(message)
RouterWebHDFSContract.createCluster(conf);
 }
{code}
 

 

> RBF: Use Router keytab for WebHDFS
> ----------------------------------
>
>                 Key: HDFS-14052
>                 URL: https://issues.apache.org/jira/browse/HDFS-14052
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>            Reporter: Íñigo Goiri
>            Assignee: CR Hota
>            Priority: Major
>         Attachments: HDFS-14052-HDFS-13891.0.patch, 
> HDFS-14052-HDFS-13891.1.patch, HDFS-14052-HDFS-13891.2.patch, 
> HDFS-14052-HDFS-13891.3.patch
>
>
> When the RouterHttpServer starts it does:
> {code}
>     NameNodeHttpServer.initWebHdfs(conf, httpAddress.getHostName(), 
> httpServer,
>         RouterWebHdfsMethods.class.getPackage().getName());
> {code}
> This function is in the NN and is pretty generic.
> However, it then calls to NameNodeHttpServer#getAuthFilterParams, which does:
> {code}
>     String httpKeytab = conf.get(DFSUtil.getSpnegoKeytabKey(conf,
>         DFSConfigKeys.DFS_NAMENODE_KEYTAB_FILE_KEY));
> {code}
> In most cases, the regular web keytab will kick in, but we should make this a 
> parameter and load the Router one just in case.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

Reply via email to