[
https://issues.apache.org/jira/browse/YARN-1841?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13937206#comment-13937206
]
Oleg Zhurakousky commented on YARN-1841:
----------------------------------------
Here is where its actually happening:
_org.apache.hadoop.yarn.server.nodemanager.containermanager.ContainerManagerImpl_
line: 258
{code}
// always enforce it to be token-based.
serverConf.set(
CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
SaslRpcServer.AuthMethod.TOKEN.toString());
{code}
I understand that there may be some reason for that, although there is not a
single doc, comment, log or other explanation as to why such override happens.
However, regardless of the reason, this essentially means that no mater what
the user settings are they will be overridden. . . fishy. . .
> YARN ignores/overrides explicit security settings
> -------------------------------------------------
>
> Key: YARN-1841
> URL: https://issues.apache.org/jira/browse/YARN-1841
> Project: Hadoop YARN
> Issue Type: Bug
> Components: resourcemanager
> Affects Versions: 2.3.0
> Reporter: Oleg Zhurakousky
> Priority: Blocker
>
> core-site.xml explicitly sets authentication as SIMPLE
> {code}
> <property>
> <name>hadoop.security.authentication</name>
> <value>simple</value>
> <description>Simple authentication</description>
> </property>
> {code}
> However any attempt to register ApplicationMaster on the remote YARN cluster
> results in
> {code}
> org.apache.hadoop.security.AccessControlException: SIMPLE authentication is
> not enabled. Available:[TOKEN]
> . . .
> {code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
