[
https://issues.apache.org/jira/browse/HADOOP-15440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16899125#comment-16899125
]
Eric Yang commented on HADOOP-15440:
------------------------------------
[~hexiaoqiao] {quote}for case `test/_HOST/test`, it will be replaced to
`test/$hostname/test`.{quote}
It probably should throw error if the format is not a proper kerberos service
principal.
{quote}it is true. it seems DNS.getHosts give one choice, any suggestions?
Thanks again.{quote}
I think Hadoop is using hadoop.security.dns.interface to determine which
hostname to bind. This may help for the hostname lookup.
> Support kerberos principal name pattern for KerberosAuthenticationHandler
> -------------------------------------------------------------------------
>
> Key: HADOOP-15440
> URL: https://issues.apache.org/jira/browse/HADOOP-15440
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: He Xiaoqiao
> Assignee: He Xiaoqiao
> Priority: Major
> Attachments: HADOOP-15440-trunk.001.patch, HADOOP-15440.002.patch
>
>
> When setup HttpFS server or KMS server in security mode, we have to config
> kerberos principal for these service, it doesn't support to convert Kerberos
> principal name pattern to valid Kerberos principal names whereas
> NameNode/DataNode and many other service can do that, so it makes confused
> for users. so I propose to replace hostname pattern with hostname, which
> should be fully-qualified domain name.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
