Hi all, A quick question for something that is puzzling me. I can download policies from then Admin service with no credentials like e.g.:
curl -v http://localhost:6080/service/plugins/policies/download/cl1_hadoop However, when my kerberized HDFS plugin tries to pull policies down (as the "hdfs" user), I get an authorization error that the user is not allowed to download the policies. I have to edit the "cl1_hadoop" configuration and add the "hdfs" user to the "policy.download.auth.users" property. Why is this step necessary when I can just download the policies with no credentials with curl? Are we looking at a security issue here? Colm. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
