[
https://issues.apache.org/jira/browse/HADOOP-8243?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Todd Lipcon updated HADOOP-8243:
--------------------------------
Attachment: hadoop-8243.txt
This patch fixes the issue. I tested manually by setting up a secure HA cluster
and running haadmin with {{-failover}}, {{-checkHealth}},
{{-transitionToActive}}, {{-transitionToStandby}}, and {{-getServiceState}}
subcommands.
These manual tests are covered by the HA test plan.
Unfortunately there are no automated tests for security here. I tried to get
the new ApacheDS-based security test infrastructure to work, but it doesn't
work correctly in my environment. Please see my comment here:
https://issues.apache.org/jira/browse/HDFS-3016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13242722#comment-13242722
> Security support broken in CLI (manual) failover controller
> -----------------------------------------------------------
>
> Key: HADOOP-8243
> URL: https://issues.apache.org/jira/browse/HADOOP-8243
> Project: Hadoop Common
> Issue Type: Bug
> Components: ha, security
> Affects Versions: 2.0.0
> Reporter: Todd Lipcon
> Assignee: Todd Lipcon
> Priority: Critical
> Attachments: hadoop-8243.txt
>
>
> Some recent refactoring accidentally caused the proxies in some places to get
> created with a default Configuration, instead of using the Configuration set
> up by the DFSHAAdmin tool. This causes the HAServiceProtocol to be missing
> the configuration which specifies the NN principle -- and thus breaks the CLI
> HAAdmin tool in secure setups.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
