Sailesh Mukil has posted comments on this change. Change subject: IMPALA-3095: Add configurable whitelist of authorized internal principals ......................................................................
Patch Set 1: (2 comments) http://gerrit.cloudera.org:8080/#/c/2334/1/be/src/rpc/authentication-test.cc File be/src/rpc/authentication-test.cc: Line 74: string service_name_wrong_realm("service_name/[email protected]"); : EXPECT_EQ(SASL_OK, : SaslAuthorizeInternal(NULL, (void*)&sa, service_name_wrong_realm.c_str(), : service_name_wrong_realm.size(), NULL, 0, NULL, 0, NULL)); This shouldn't pass in practice (because the cyrus-sasl library shouldn't authenticate it if it's from a different realm). Maybe add a comment here stating that this will pass only for the sake of this test. http://gerrit.cloudera.org:8080/#/c/2334/1/be/src/rpc/authentication.cc File be/src/rpc/authentication.cc: Line 94: "hdfs" I'm guessing people would wonder why we have hdfs as the default here. Should a comment be added stating the reason? Or rather, should this be a default in the first place? -- To view, visit http://gerrit.cloudera.org:8080/2334 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: If828e86c99c3c398319953b1d3b33d5e3af200da Gerrit-PatchSet: 1 Gerrit-Project: Impala Gerrit-Branch: cdh5-2.5.0_5.7.0 Gerrit-Owner: Henry Robinson <[email protected]> Gerrit-Reviewer: Sailesh Mukil <[email protected]> Gerrit-HasComments: Yes
