[
https://issues.apache.org/jira/browse/HADOOP-7510?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13079183#comment-13079183
]
Jitendra Nath Pandey commented on HADOOP-7510:
----------------------------------------------
There are a few considerations to be careful about:
1) The hostname in service could be a vip name. The token selector is used in
ipc.Client, which has InetSocketAddress of the remote server. How do we make
sure we are matching the right hostnames? One way to address it is to get the
ip address from the hostname service and use that for matching, but that needs
a dns lookup.
2) Dns lookup in token selector would be invoked for every connection using
token authentication.
> Tokens should use original hostname provided instead of ip
> ----------------------------------------------------------
>
> Key: HADOOP-7510
> URL: https://issues.apache.org/jira/browse/HADOOP-7510
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
> Fix For: 0.20.205.0
>
>
> Tokens currently store the ip:port of the remote server. This precludes
> tokens from being used after a host's ip is changed. Tokens should store the
> hostname used to make the RPC connection. This will enable new processes to
> use their existing tokens.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
