[
https://issues.apache.org/jira/browse/HDFS-17447?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17832004#comment-17832004
]
ASF GitHub Bot commented on HDFS-17447:
---------------------------------------
xiaojunxiang2023 opened a new pull request, #6687:
URL: https://github.com/apache/hadoop/pull/6687
As we know, when Ranger authentication is enabled in the HDFS, if Ranger
authentication fails to match, it is degraded to the FSPermissionChecker
authentication of the HDFS ACL.
If an ACE occurs, it is not clear whether it comes from Ranger
authentication or FSPermissionChecker authentication. So I think we should add
a description of AccessControlEnforcer to the ACE exception description to help
locate the problem.
> Add an implementation class that prints AccessControlEnforcer when an ACE
> exception occurs.
> -------------------------------------------------------------------------------------------
>
> Key: HDFS-17447
> URL: https://issues.apache.org/jira/browse/HDFS-17447
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: hdfs
> Reporter: xiaojunxiang
> Priority: Major
>
> As we know, when Ranger authentication is enabled in the HDFS, if Ranger
> authentication fails to match, it is degraded to the FSPermissionChecker
> authentication of the HDFS ACL.
> If an ACE occurs, it is not clear whether it comes from Ranger authentication
> or FSPermissionChecker authentication. So I think we should add a description
> of AccessControlEnforcer to the ACE exception description to help locate the
> problem.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
