Eli Collins created HADOOP-8554: ----------------------------------- Summary: KerberosAuthenticator should use the configured principal Key: HADOOP-8554 URL: https://issues.apache.org/jira/browse/HADOOP-8554 Project: Hadoop Common Issue Type: Bug Components: security Affects Versions: 1.0.0 Reporter: Eli Collins
In KerberosAuthenticator we construct the principal as follows: {code} String servicePrincipal = "HTTP/" + KerberosAuthenticator.this.url.getHost(); {code} Seems like we should use the configured hadoop.http.authentication.kerberos.principal instead right? I hit this issue as a distcp using webhdfs://localhost fails because HTTP/localhost is not in the kerb DB but using webhdfs://eli-thinkpad works because HTTP/eli-thinkpad is (and is my configured principal). distcp using Hftp://localhost with the same config works so it looks like this check is webhdfs specific for some reason (webhdfs is using spnego and hftp is not?). -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira