[
https://issues.apache.org/jira/browse/HADOOP-9019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13494482#comment-13494482
]
Aaron T. Myers commented on HADOOP-9019:
----------------------------------------
Got it. Thanks for the explanation.
I'm not opposed to this change, but it does seem like a bit of an odd use case.
These machines have to have hostnames (with properly configured reverse DNS, no
less) so I don't understand why folks would want to put IP addresses in their
configs.
I won't object to the change if folks want to make it, though.
> KerberosAuthenticator.doSpnegoSequence(..) should create a HTTP principal
> with hostname everytime
> --------------------------------------------------------------------------------------------------
>
> Key: HADOOP-9019
> URL: https://issues.apache.org/jira/browse/HADOOP-9019
> Project: Hadoop Common
> Issue Type: Bug
> Reporter: Vinay
>
> in KerberosAuthenticator.doSpnegoSequence(..) following line of code will
> just create a principal of the form "HTTP/<host>",
> {code} String servicePrincipal =
> KerberosUtil.getServicePrincipal("HTTP",
> KerberosAuthenticator.this.url.getHost());{code}
> but uri.getHost() is not sure of always getting hostname. If uri contains
> IP, then it just returns IP.
> For SPNEGO authentication principal should always be created with <hostname>.
> This code should be something like this, which will look /etc/hosts to get
> hostname
> {code} String hostname = InetAddress.getByName(
> KerberosAuthenticator.this.url.getHost()).getHostName();
> String servicePrincipal = KerberosUtil.getServicePrincipal("HTTP",
> hostname);{code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
