[ https://issues.apache.org/jira/browse/HDFS-2368?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13115177#comment-13115177 ]
Tsz Wo (Nicholas), SZE commented on HDFS-2368: ---------------------------------------------- Just found that we have similar conf properties in core-default.xml for Kerberos ssl. {code} <property> <name>hadoop.http.authentication.kerberos.principal</name> <value>HTTP/localhost@LOCALHOST</value> <description> Indicates the Kerberos principal to be used for HTTP endpoint. The principal MUST start with 'HTTP/' as per Kerberos HTTP SPNEGO specification. </description> </property> <property> <name>hadoop.http.authentication.kerberos.keytab</name> <value>${user.home}/hadoop.keytab</value> <description> Location of the keytab file with the credentials for the principal. Referring to the same keytab file Oozie uses for its Kerberos credentials for Hadoop. </description> </property> {code} > defaults created for web keytab and principal, these properties should not > have defaults > ---------------------------------------------------------------------------------------- > > Key: HDFS-2368 > URL: https://issues.apache.org/jira/browse/HDFS-2368 > Project: Hadoop HDFS > Issue Type: Bug > Affects Versions: 0.20.205.0 > Reporter: Arpit Gupta > Assignee: Tsz Wo (Nicholas), SZE > > the following defaults are set in hdfs-defaults.xml > <property> > <name>dfs.web.authentication.kerberos.principal</name> > <value>HTTP/${dfs.web.hostname}@${kerberos.realm}</value> > <description> > The HTTP Kerberos principal used by Hadoop-Auth in the HTTP endpoint. > The HTTP Kerberos principal MUST start with 'HTTP/' per Kerberos > HTTP SPENGO specification. > </description> > </property> > <property> > <name>dfs.web.authentication.kerberos.keytab</name> > <value>${user.home}/dfs.web.keytab</value> > <description> > The Kerberos keytab file with the credentials for the > HTTP Kerberos principal used by Hadoop-Auth in the HTTP endpoint. > </description> > </property> > These properties should not have defaults -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira