[
https://issues.apache.org/jira/browse/HADOOP-9019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13495596#comment-13495596
]
Aaron T. Myers commented on HADOOP-9019:
----------------------------------------
I agree with you, Allen, but I think the thing that Vinay is trying to do is
use principals that contain FQDNs, but put IP addresses in the config files for
the hosts. My understanding is that Vinay is proposing that we make Hadoop
perform the reverse DNS lookup you're referring to.
Vinay: please correct me if I misunderstand your issue or proposal.
> KerberosAuthenticator.doSpnegoSequence(..) should create a HTTP principal
> with hostname everytime
> --------------------------------------------------------------------------------------------------
>
> Key: HADOOP-9019
> URL: https://issues.apache.org/jira/browse/HADOOP-9019
> Project: Hadoop Common
> Issue Type: Bug
> Reporter: Vinay
>
> in KerberosAuthenticator.doSpnegoSequence(..) following line of code will
> just create a principal of the form "HTTP/<host>",
> {code} String servicePrincipal =
> KerberosUtil.getServicePrincipal("HTTP",
> KerberosAuthenticator.this.url.getHost());{code}
> but uri.getHost() is not sure of always getting hostname. If uri contains
> IP, then it just returns IP.
> For SPNEGO authentication principal should always be created with <hostname>.
> This code should be something like this, which will look /etc/hosts to get
> hostname
> {code} String hostname = InetAddress.getByName(
> KerberosAuthenticator.this.url.getHost()).getHostName();
> String servicePrincipal = KerberosUtil.getServicePrincipal("HTTP",
> hostname);{code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
