Eron Wright created FLINK-5364:
-----------------------------------
Summary: Rework JAAS configuration to support user-supplied entries
Key: FLINK-5364
URL: https://issues.apache.org/jira/browse/FLINK-5364
Project: Flink
Issue Type: Bug
Components: Cluster Management
Reporter: Eron Wright
Assignee: Eron Wright
Priority: Critical
Recent issues (see linked) have brought to light a critical deficiency in the
handling of JAAS configuration.
1. the MapR distribution relies on an explicit JAAS conf, rather than in-memory
conf used by stock Hadoop.
2. the ZK/Kafka/Hadoop security configuration is supposed to be independent
(one can enable each element separately) but isn't.
Perhaps we should rework the JAAS conf code to merge any user-supplied
configuration with our defaults, rather than using an all-or-nothing approach.
We should also address some recent regressions:
1. The HadoopSecurityContext should be installed regardless of auth mode. For
example, verify the use of HADOOP_USER_NAME in 'SIMPLE' auth mode.
2. Fix the use of alternative authentication methods - delegation tokens and
Kerberos ticket cache.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
