Author: szetszwo Date: Wed Sep 28 04:52:47 2011 New Revision: 1176720 URL: http://svn.apache.org/viewvc?rev=1176720&view=rev Log: HDFS-2368. Move SPNEGO conf properties from hdfs-default.xml to hdfs-site.xml.
Modified: hadoop/common/branches/branch-0.20-security/CHANGES.txt hadoop/common/branches/branch-0.20-security/src/hdfs/hdfs-default.xml hadoop/common/branches/branch-0.20-security/src/packages/templates/conf/hdfs-site.xml Modified: hadoop/common/branches/branch-0.20-security/CHANGES.txt URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security/CHANGES.txt?rev=1176720&r1=1176719&r2=1176720&view=diff ============================================================================== --- hadoop/common/branches/branch-0.20-security/CHANGES.txt (original) +++ hadoop/common/branches/branch-0.20-security/CHANGES.txt Wed Sep 28 04:52:47 2011 @@ -351,6 +351,9 @@ Release 0.20.205.0 - unreleased HADOOP-7510. Add configurable option to use original hostname in token instead of IP to allow server IP change. (Daryn Sharp via suresh) + HDFS-2368. Move SPNEGO conf properties from hdfs-default.xml to + hdfs-site.xml. (szetszwo) + Release 0.20.204.0 - 2011-8-25 NEW FEATURES Modified: hadoop/common/branches/branch-0.20-security/src/hdfs/hdfs-default.xml URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security/src/hdfs/hdfs-default.xml?rev=1176720&r1=1176719&r2=1176720&view=diff ============================================================================== --- hadoop/common/branches/branch-0.20-security/src/hdfs/hdfs-default.xml (original) +++ hadoop/common/branches/branch-0.20-security/src/hdfs/hdfs-default.xml Wed Sep 28 04:52:47 2011 @@ -426,24 +426,4 @@ creations/deletions), or "all".</descrip </description> </property> -<property> - <name>dfs.web.authentication.kerberos.principal</name> - <value>HTTP/${dfs.web.hostname}@${kerberos.realm}</value> - <description> - The HTTP Kerberos principal used by Hadoop-Auth in the HTTP endpoint. - - The HTTP Kerberos principal MUST start with 'HTTP/' per Kerberos - HTTP SPENGO specification. - </description> -</property> - -<property> - <name>dfs.web.authentication.kerberos.keytab</name> - <value>${user.home}/dfs.web.keytab</value> - <description> - The Kerberos keytab file with the credentials for the - HTTP Kerberos principal used by Hadoop-Auth in the HTTP endpoint. - </description> -</property> - </configuration> Modified: hadoop/common/branches/branch-0.20-security/src/packages/templates/conf/hdfs-site.xml URL: http://svn.apache.org/viewvc/hadoop/common/branches/branch-0.20-security/src/packages/templates/conf/hdfs-site.xml?rev=1176720&r1=1176719&r2=1176720&view=diff ============================================================================== --- hadoop/common/branches/branch-0.20-security/src/packages/templates/conf/hdfs-site.xml (original) +++ hadoop/common/branches/branch-0.20-security/src/packages/templates/conf/hdfs-site.xml Wed Sep 28 04:52:47 2011 @@ -124,6 +124,26 @@ </property> <property> + <name>dfs.web.authentication.kerberos.principal</name> + <value>HTTP/_HOST@${local.realm}</value> + <description> + The HTTP Kerberos principal used by Hadoop-Auth in the HTTP endpoint. + + The HTTP Kerberos principal MUST start with 'HTTP/' per Kerberos + HTTP SPENGO specification. + </description> + </property> + + <property> + <name>dfs.web.authentication.kerberos.keytab</name> + <value>/etc/security/keytabs/nn.service.keytab</value> + <description> + The Kerberos keytab file with the credentials for the + HTTP Kerberos principal used by Hadoop-Auth in the HTTP endpoint. + </description> + </property> + + <property> <name>dfs.namenode.keytab.file</name> <value>/etc/security/keytabs/nn.service.keytab</value> <description>