[ https://issues.apache.org/jira/browse/HDFS-17447?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17832004#comment-17832004 ]
ASF GitHub Bot commented on HDFS-17447: --------------------------------------- xiaojunxiang2023 opened a new pull request, #6687: URL: https://github.com/apache/hadoop/pull/6687 As we know, when Ranger authentication is enabled in the HDFS, if Ranger authentication fails to match, it is degraded to the FSPermissionChecker authentication of the HDFS ACL. If an ACE occurs, it is not clear whether it comes from Ranger authentication or FSPermissionChecker authentication. So I think we should add a description of AccessControlEnforcer to the ACE exception description to help locate the problem. > Add an implementation class that prints AccessControlEnforcer when an ACE > exception occurs. > ------------------------------------------------------------------------------------------- > > Key: HDFS-17447 > URL: https://issues.apache.org/jira/browse/HDFS-17447 > Project: Hadoop HDFS > Issue Type: Improvement > Components: hdfs > Reporter: xiaojunxiang > Priority: Major > > As we know, when Ranger authentication is enabled in the HDFS, if Ranger > authentication fails to match, it is degraded to the FSPermissionChecker > authentication of the HDFS ACL. > If an ACE occurs, it is not clear whether it comes from Ranger authentication > or FSPermissionChecker authentication. So I think we should add a description > of AccessControlEnforcer to the ACE exception description to help locate the > problem. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org