Josh Elser commented on PHOENIX-4533:

{{mvn verify}} with the PQS ITs passes for me. I think the only thing that 
caught my eye was that you have the IT putting both keys into one keytab file. 
This doesn't mimic what most people will do in reality, but there shouldn't be 
any functional difference in doing it in one or multiple keytab files so 

Will run this through tests on each branch and push it out if it's good! Thanks 
for your help, Lev!

For the future, it's preferred if each patch is standalone, rather than 
building on the previous, Lev. I'll attach a new patch file here which is the 
collection of changes you've made across all three commits.

> Phoenix Query Server should not use SPNEGO principal to proxy user requests
> ---------------------------------------------------------------------------
>                 Key: PHOENIX-4533
>                 URL: https://issues.apache.org/jira/browse/PHOENIX-4533
>             Project: Phoenix
>          Issue Type: Improvement
>            Reporter: Lev Bronshtein
>            Assignee: Lev Bronshtein
>            Priority: Minor
>         Attachments: PHOENIX-4533.1.patch, PHOENIX-4533.2.patch, 
> PHOENIX-4533.3.patch
>
> Currently the HTTP/ principal is used by various components in the Hadoop 
> ecosystem to perform SPNEGO authentication. Since there can only be one 
> HTTP/ per host, even outside of the Hadoop ecosystem, the keytab containing 
> key material for the local HTTP/ principal is shared among a few applications. 
> With so many applications having access to the HTTP/ credentials, this 
> increases the chances of an attack on the proxy user capabilities of Hadoop. 
> This JIRA proposes that two different keytabs can be used to:
> 1. Authenticate kerberized web requests
> 2. Communicate with the Phoenix back end
