[
https://issues.apache.org/jira/browse/HADOOP-12570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15063081#comment-15063081
]
Chris Nauroth commented on HADOOP-12570:
----------------------------------------
Nice improvements. Thank you, Arpit.
In the references, the first entry can link to HADOOP-4487, which is the
original Hadoop security JIRA with design doc attached.
In HdfsMultiHoming.md, the "Hostname Lookup" link isn't rendering correctly.
There is a missing underscore. This would fix it:
{code}
* [Hostname Lookup](#Hostname_Lookup)
{code}
The descriptions in hdfs-default.xml are nice to have, but I'm concerned that
they are not backwards-compatible.
{{dfs.namenode.kerberos.internal.spnego.principal}} used to default to using
the value of {{dfs.web.authentication.kerberos.principal}}. That would mean
that if someone had configured {{dfs.web.authentication.kerberos.principal}},
but not {{dfs.namenode.kerberos.internal.spnego.principal}}, then it could have
worked before this patch, but it would stop working after this patch.
That probably partly explains the earlier {{SaslDataTransferTestCase}}
failures. I think if tests need to be changed for this patch, then it's
probably a sign that something has gone wrong.
> HDFS Secure Mode Documentation updates
> --------------------------------------
>
> Key: HADOOP-12570
> URL: https://issues.apache.org/jira/browse/HADOOP-12570
> Project: Hadoop Common
> Issue Type: Improvement
> Components: documentation
> Affects Versions: 2.7.1
> Reporter: Arpit Agarwal
> Assignee: Arpit Agarwal
> Attachments: HDFS-9254.01.patch, HDFS-9254.02.patch,
> HDFS-9254.03.patch, HDFS-9254.04.patch
>
>
> Some Kerberos configuration parameters are not documented well enough.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
