As mentioned in a comment on HBASE-7829 jira, the old way of specifying jaas conf still works. That makes it less serious of a problem. So +1 from me on this release still, but I guess we should document it in a release note or something.
On Mon, Feb 11, 2013 at 10:19 PM, lars hofhansl <[email protected]> wrote: > I find this in that HBASE-4791 change: > + // If keyTab is not specified use the Ticket Cache. > + // and set the zookeeper login context name. > + JaasConfiguration jaasConf = new JaasConfiguration(loginContextName, > + keytabFilename, principalName); > + javax.security.auth.login.Configuration.setConfiguration(jaasConf); > > > This was introduced with 0.94.4. It's not a regression since then, but still > a bug introduced by the last stable point release. > If it's not serious I won't sink the RC. But if it is, we should fix it. > > -- Lars > > > ----- Original Message ----- > From: Ted Yu <[email protected]> > To: [email protected]; lars hofhansl <[email protected]> > Cc: > Sent: Monday, February 11, 2013 10:05 PM > Subject: Re: Please have a look at HBASE-7829 > > I produced diff of > src/main/java/org/apache/hadoop/hbase/zookeeper/ZKUtil.java between HBASE-4791 > (in 0.94.4) to the tip of 0.94 > > The code corrected by HBASE-7829 wasn't a regression since 0.94.4 > > FYI > > On Mon, Feb 11, 2013 at 9:52 PM, lars hofhansl <[email protected]> wrote: > >> Especially the security folks (Andy, Gary). >> >> >> https://issues.apache.org/jira/browse/HBASE-7829 >> >> This is a followup to a change introduced in 0.94.4. If this breaks secure >> operation I would sink the RC (sigh). >> >> -- Lars >> >> >
