[ https://issues.apache.org/jira/browse/HADOOP-11726?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14367811#comment-14367811 ]

Haohui Mai commented on HADOOP-11726:
-------------------------------------

Here is a list of proposed approaches that I'm aware of. [~atm], please feel 
free to chime in if I miss anything.


* Fix all FileSystem implementations so that they continue to proceed if they 
fail to obtain a delegation token from the remote cluster (HDFS-6776). The 
advantage is that it is easy to implement in {{WebHdfsFileSystem}}. The 
disadvantage is that it prohibits security-sensitive applications from enforcing 
some security policy. For example, implementing a secure distcp application 
that can only write to secure clusters on top of these FileSystems becomes 
impossible.

* Fix all applications that need this type of integration (proposed in the 
discussion of HDFS-6776). The application can ignore the DT issues and 
continue to proceed. The advantage is that the application has more information to 
make these informed decisions (again, think of the secure distcp use case). The 
disadvantage is that the application itself needs to be fixed.

* Issue a dummy delegation token in insecure clusters (proposed in the 
discussion of HDFS-6776). It changes the server implementation to issue a dummy 
delegation token when the server is in insecure mode. The advantage is that 
neither the applications nor the FileSystem need to be changed. The 
disadvantage is that older versions of the server might need to be upgraded to 
enable this fix, though it can be mitigated by using a proxy as suggested in 
HDFS-6776.



> Allow applications to access both secure and insecure clusters at the same 
> time
> -------------------------------------------------------------------------------
>
>                 Key: HADOOP-11726
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11726
>             Project: Hadoop Common
>          Issue Type: Bug
>            Reporter: Haohui Mai
>
> Today there are multiple integration issues when an application 
> (particularly, distcp) accesses both secure and insecure clusters (e.g., 
> HDFS-6776 / HDFS-7036).
> There are four use cases in this scenario:
> * Secure <-> Secure. Works.
> * Insecure <-> Insecure. Works.
> * Accessing secure clusters from insecure client. Will not work as expected. 
> The insecure client won't be able to be authenticated with the secure client, 
> otherwise it is a security vulnerability.
> * Accessing insecure clusters from secure client. Currently it will not work 
> as the secure client won't be able to obtain a delegation token from the 
> insecure cluster.
> This jira proposes to fix the last use case.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
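
The second approach in the comment above (the application, not the FileSystem, decides whether a missing delegation token is acceptable) could look like the following. This is an added example, not code from the Hadoop project or from the commenter. The class name, the `declaredInsecure` allowlist and the `isWriteTarget` flag are hypothetical, and it assumes a failed token fetch surfaces as an `IOException` from `FileSystem.addDelegationTokens`.

```java
import java.io.IOException;
import java.net.URI;
import java.util.Set;

import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.security.Credentials;
import org.apache.hadoop.security.UserGroupInformation;

/** Added illustration: per-cluster delegation token policy enforced by the application. */
public class TokenPolicyExample {

  // Hypothetical application setting: cluster authorities the operator has
  // explicitly declared insecure. Any cluster not listed must yield a token.
  private final Set<String> declaredInsecure;

  public TokenPolicyExample(Set<String> declaredInsecure) {
    this.declaredInsecure = declaredInsecure;
  }

  /** Obtains a token for uri, or continues without one only where policy allows it. */
  public FileSystem open(URI uri, Configuration conf, String renewer,
                         Credentials creds, boolean isWriteTarget) throws IOException {
    FileSystem fs = FileSystem.get(uri, conf);
    if (!UserGroupInformation.isSecurityEnabled()) {
      return fs; // insecure client: delegation tokens are not involved
    }
    try {
      fs.addDelegationTokens(renewer, creds);
      return fs;
    } catch (IOException e) {
      // Assumption: failure to obtain a token is reported as IOException.
      // Policy from the "secure distcp" case: never write to a cluster that
      // cannot issue a token, and read only from declared insecure clusters.
      boolean allowed = !isWriteTarget
          && declaredInsecure.contains(uri.getAuthority());
      if (!allowed) {
        throw new IOException("No delegation token from " + uri
            + " and policy does not permit an insecure cluster here", e);
      }
      return fs; // declared insecure source: continue without a token
    }
  }
}
```

If the FileSystem itself swallowed the failure, as in the first approach, the `catch` branch would never run and the write-target check could not be enforced.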
