[ https://issues.apache.org/jira/browse/YARN-4126?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14734277#comment-14734277 ]
Bibin A Chundatt commented on YARN-4126: ---------------------------------------- HI [~jianhe]/[~Naganarasimha] Seems like check is wrong in {{isAllowedDelegationTokenOp}} {code} if (UserGroupInformation.isSecurityEnabled()) { return EnumSet.of(AuthenticationMethod.KERBEROS, AuthenticationMethod.KERBEROS_SSL, AuthenticationMethod.CERTIFICATE) .contains(UserGroupInformation.getCurrentUser() .getRealAuthenticationMethod()); } else { return true; } {code} Else case should have returned false rt? > RM should not issue delegation tokens in unsecure mode > ------------------------------------------------------ > > Key: YARN-4126 > URL: https://issues.apache.org/jira/browse/YARN-4126 > Project: Hadoop YARN > Issue Type: Bug > Reporter: Jian He > > ClientRMService#getDelegationToken is currently returning a delegation token > in insecure mode. We should not return the token if it's in insecure mode. -- This message was sent by Atlassian JIRA (v6.3.4#6332)