[ https://issues.apache.org/jira/browse/HDFS-4983?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13839481#comment-13839481 ]
Colin Patrick McCabe commented on HDFS-4983: -------------------------------------------- bq. At the end of the day both of them are writing to HDFS using a DFSClient, thus their user patterns must be a subset of the patterns that HDFS allows. I did a quick search, but wasn't able to find any restrictions on the usernames which HDFS or Hadoop allows. In {{UserGroupInformation#getLoginUser}}, for example, you can see that it reads certain environment variables and just uses them directly to get a username in some cases. {{org.apache.hadoop.security.User}} doesn't seem to have any validation either. bq. Httpfs is a proxy, so it might make sense for the administrators to configure a more restrictive pattern. Maybe someone else can comment more on this, but my impression was that user name validation was added to httpfs to help prevent problems caused by usernames which included HTTP metacharacters such as %. The same problems apply to both webhdfs and httpfs, since they both use HTTP and both are susceptible to those metacharacters. I don't think these issues have anything to do with whether you're proxying or not, just the fact that these names are difficult to deal with in the context of HTTP. I guess you could argue that we should escape them rather than disallowing them... but that seems outside the scope of this JIRA. > Numeric usernames do not work with WebHDFS FS > --------------------------------------------- > > Key: HDFS-4983 > URL: https://issues.apache.org/jira/browse/HDFS-4983 > Project: Hadoop HDFS > Issue Type: Improvement > Components: webhdfs > Affects Versions: 2.0.0-alpha > Reporter: Harsh J > Assignee: Yongjun Zhang > Labels: patch > Attachments: HDFS-4983.001.patch, HDFS-4983.002.patch, > HDFS-4983.003.patch > > > Per the file > hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/web/resources/UserParam.java, > the DOMAIN pattern is set to: {{^[A-Za-z_][A-Za-z0-9._-]*[$]?$}}. > Given this, using a username such as "123" seems to fail for some reason > (tried on insecure setup): > {code} > [123@host-1 ~]$ whoami > 123 > [123@host-1 ~]$ hadoop fs -fs webhdfs://host-2.domain.com -ls / > -ls: Invalid value: "123" does not belong to the domain > ^[A-Za-z_][A-Za-z0-9._-]*[$]?$ > Usage: hadoop fs [generic options] -ls [-d] [-h] [-R] [<path> ...] > {code} -- This message was sent by Atlassian JIRA (v6.1#6144)