[ https://issues.apache.org/jira/browse/HDFS-4542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13592467#comment-13592467 ]
Hadoop QA commented on HDFS-4542: --------------------------------- {color:green}+1 overall{color}. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12571896/HDFS-4542.patch against trunk revision . {color:green}+1 @author{color}. The patch does not contain any @author tags. {color:green}+1 tests included{color}. The patch appears to include 1 new or modified test files. {color:green}+1 tests included appear to have a timeout.{color} {color:green}+1 javac{color}. The applied patch does not increase the total number of javac compiler warnings. {color:green}+1 javadoc{color}. The javadoc tool did not generate any warning messages. {color:green}+1 eclipse:eclipse{color}. The patch built with eclipse:eclipse. {color:green}+1 findbugs{color}. The patch does not introduce any new Findbugs (version 1.3.9) warnings. {color:green}+1 release audit{color}. The applied patch does not increase the total number of release audit warnings. {color:green}+1 core tests{color}. The patch passed unit tests in hadoop-hdfs-project/hadoop-hdfs. {color:green}+1 contrib tests{color}. The patch passed contrib unit tests. Test results: https://builds.apache.org/job/PreCommit-HDFS-Build/4032//testReport/ Console output: https://builds.apache.org/job/PreCommit-HDFS-Build/4032//console This message is automatically generated. > Webhdfs doesn't support secure proxy users > ------------------------------------------ > > Key: HDFS-4542 > URL: https://issues.apache.org/jira/browse/HDFS-4542 > Project: Hadoop HDFS > Issue Type: Bug > Components: webhdfs > Affects Versions: 0.23.0, 2.0.0-alpha, 3.0.0 > Reporter: Daryn Sharp > Assignee: Daryn Sharp > Priority: Blocker > Attachments: HDFS-4542.branch-23.patch, HDFS-4542.patch, > HDFS-4542.patch > > > Webhdfs doesn't ever send the {{DoAsParam}} in the REST calls for proxy > users. Proxy users on a non-secure cluster "work" because the server sees > them as the effective user, not a proxy user, which effectively bypasses the > proxy authorization checks. On secure clusters, it doesn't work at all in > part due to wrong ugi being used for the connection (HDFS-3367), but then it > fails because the effective user tries to use a non-proxy token for the real > user. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira