[ https://issues.apache.org/jira/browse/YARN-1841?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13937933#comment-13937933 ]
Daryn Sharp commented on YARN-1841: ----------------------------------- The reason the custom AM in the related user@hadoop thread is failing is likely because it's coded incorrectly. I suspect the RM supplied tokens were not added to the AM's ugi. In general, tokens are just a lightweight alternate authentication method that removes the need for hard authentication, ex. kerberos, which a task cannot do. Tokens within yarn are used to encode app/task identity and other information. Note that the identity is not the job's user identity so tokens cannot be disabled. This jira should be marked invalid if Vinod agrees. > YARN ignores/overrides explicit security settings > ------------------------------------------------- > > Key: YARN-1841 > URL: https://issues.apache.org/jira/browse/YARN-1841 > Project: Hadoop YARN > Issue Type: Bug > Components: resourcemanager > Affects Versions: 2.3.0 > Reporter: Oleg Zhurakousky > > core-site.xml explicitly sets authentication as SIMPLE > {code} > <property> > <name>hadoop.security.authentication</name> > <value>simple</value> > <description>Simple authentication</description> > </property> > {code} > However any attempt to register ApplicationMaster on the remote YARN cluster > results in > {code} > org.apache.hadoop.security.AccessControlException: SIMPLE authentication is > not enabled. Available:[TOKEN] > . . . > {code} -- This message was sent by Atlassian JIRA (v6.2#6252)