[jira] [Commented] (OOZIE-1688) New configuration to specify server-server authentication type.

Mon, 10 Feb 2014 17:37:32 -0800 

    [ 
https://issues.apache.org/jira/browse/OOZIE-1688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13897422#comment-13897422
 ] 

Robert Kanter commented on OOZIE-1688:
--------------------------------------

{quote}
I think oozie.authentication.type and SERVER_SERVER_AUTH_TYPE are two different 
auth type and may have different implementation.
In our case oozie.authentication.type is type of AuthenticationHandler where as 
SERVER_SERVER_AUTH_TYPE is a type of Authenticator.
{quote}
You're right; it makes sense that these should be separate.  

Some minor things:
- In oozie-site, when it says "Supported values are: simple | kerberos | 
#AUTHENTICATION_HANDLER_CLASSNAME#" that should be "AUTHENTICATOR_CLASSNAME#", 
right?
- It would be useful to add a Log message saying which authenticator type got 
loaded; its in a static block, so it should happen once only
- The new property should also be added to oozie-default.xml
- Can you update the docs with the new property?  It currently says:
{noformat}
Oozie HA works with the existing Oozie security framework and settings. For log 
streaming to work properly in a secure setup oozie.authentication.type must be 
set properly on each server (though this is already required if using security 
in the first place).
{noformat}
which needs to be reworded and updated.

> New configuration to specify server-server authentication type.
> ---------------------------------------------------------------
>
>                 Key: OOZIE-1688
>                 URL: https://issues.apache.org/jira/browse/OOZIE-1688
>             Project: Oozie
>          Issue Type: Bug
>          Components: HA
>            Reporter: purshotam shah
>            Assignee: purshotam shah
>         Attachments: OOZIE-1688-v1.patch, OOZIE-1688-v1.patch, 
> OOZIE-1688.patch
>
>
> Currently conf "oozie.authentication.type" is used by specify authentication 
> type for client-server as well as server-server.
> Client-server and server-server communication can use different type of 
> authentication.
> We need to have  different conf "oozie.server.authentication.type" to specify 
> server-server authentication type.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Reply via email to