[
https://issues.apache.org/jira/browse/HADOOP-9881?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kai Zheng updated HADOOP-9881:
------------------------------
Assignee: Kai Zheng
> Some questions and possible improvement for MiniKdc/TestMiniKdc
> ---------------------------------------------------------------
>
> Key: HADOOP-9881
> URL: https://issues.apache.org/jira/browse/HADOOP-9881
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Kai Zheng
> Assignee: Kai Zheng
>
> In org.apache.hadoop.minikdc.TestMiniKdc:
> # In testKeytabGen(), it comments ??principals use \ instead of /??, does
> this mean the principal must use \ instead of / to use MiniKdc for test
> cases? If so, should *HADOOP_SECURITY_AUTH_TO_LOCAL* consider this?
> # In testKerberosLogin(), what’s the meant difference between client login
> and server login? I see isInitiator option is set true or false respectively,
> but I’m not sure about that.
> # Both in client login and server login, why loginContext.login() gets called
> again in the end? Perhaps loginContext.logout().
> # It also considers IBM JDK. Ref current UGI implementation, looks like it
> needs to set KRB5CCNAME system property and useDefaultCcache option
> specifically.
> It’s good to test login using keytab as current provided facility and test
> does. Is it also possible to test login via ticket cache or how to
> automatically generate ticket cache with specified principal without
> execution of kinit? This is important to cover user Kerberos login (with
> kinit) if possible using MiniKdc.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
