[
https://issues.apache.org/jira/browse/HADOOP-12570?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15063130#comment-15063130
]
Chris Nauroth commented on HADOOP-12570:
----------------------------------------
Taking this example from the existing hdfs-default.xml:
{code}
<property>
<name>dfs.namenode.kerberos.internal.spnego.principal</name>
<value>${dfs.web.authentication.kerberos.principal}</value>
</property>
{code}
If an hdfs-site.xml defined {{dfs.web.authentication.kerberos.principal}}, but
did not define {{dfs.namenode.kerberos.internal.spnego.principal}}, then I
think it still would have worked because of the token substitution logic in
{{Configuration#substituteVars}}. In this patch,
{{dfs.namenode.kerberos.internal.spnego.principal}} defaults to nothing, so the
token substitution won't happen anymore. This is why I think there could be a
compatibility problem.
> HDFS Secure Mode Documentation updates
> --------------------------------------
>
> Key: HADOOP-12570
> URL: https://issues.apache.org/jira/browse/HADOOP-12570
> Project: Hadoop Common
> Issue Type: Improvement
> Components: documentation
> Affects Versions: 2.7.1
> Reporter: Arpit Agarwal
> Assignee: Arpit Agarwal
> Attachments: HDFS-9254.01.patch, HDFS-9254.02.patch,
> HDFS-9254.03.patch, HDFS-9254.04.patch
>
>
> Some Kerberos configuration parameters are not documented well enough.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
