what version of hadoop are you using? also
dfs.web.authentication.kerberos.principal should be set to HTTP/_h...@site.com -- Arpit Gupta Hortonworks Inc. http://hortonworks.com/ On Jul 26, 2012, at 6:11 PM, Wangwenli <wangwe...@huawei.com> wrote: > Hi all, > > I configured like below in hdfs-site.xml: > > <property> > <name>dfs.namenode.kerberos.principal</name> > <value>nn/_HOST@site</value> > </property> > > > <property> > <name>dfs.web.authentication.kerberos.principal</name> > <value>nn/_HOST@site</value> > </property> > > > When start up namenode, I found, namenode will use principal : > nn/167-52-0-56@site to login, but the http server will use > nn/167-52-0-56.site@site<mailto:nn/167-52-0-56.site@site> to lgin, so it > start failed. > > I checked the code, > > Namenode will use socAddr.getHostName() to get hostname in > org.apache.hadoop.hdfs.server.namenode.NameNode.loginAsNameNodeUser. > > > But httpserver 's default hostname is 0.0.0.0, so in > org.apache.hadoop.security.SecurityUtil.replacePattern, it will get the > hostname by invoking getLocalHostName,there it use getCanonicalHostName(), > > I think this inconsistent is wrong, can someone confirm this? Need raise one > bug ? > > Thanks >
