Review Request 22411: SENTRY-283: Secure connection from HS2 to Sentry service fails

Prasad Mujumdar Tue, 10 Jun 2014 01:46:30 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/22411/
-----------------------------------------------------------


Review request for sentry.


Bugs: SENTRY-283
    https://issues.apache.org/jira/browse/SENTRY-283


Repository: sentry


Description
-------

Since Sentry kerberos connection is not based on Hadoop security framework, we 
need to set java property javax.security.auth.useSubjectCredsOnly to false.
Also changed the allowed.connect to support short name instead of full 
principal.


Diffs
-----

  
sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/GSSCallback.java
 22f31cd 
  
sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/KerberosConfiguration.java
 41e4fe4 

Diff: https://reviews.apache.org/r/22411/diff/


Testing
-------

Manually verified the connection on secure cluster.


Thanks,

Prasad Mujumdar

Review Request 22411: SENTRY-283: Secure connection from HS2 to Sentry service fails

Reply via email to