----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/42933/ -----------------------------------------------------------
(Updated Jan. 29, 2016, 9:22 p.m.) Review request for sentry. Changes ------- Moved Configuration handling from Shell to Client, as suggested by Sravya. Repository: sentry Description ------- >From the jira: Today, the SentryShellSolr follows the same pattern as SentryShellHive, which is just getting a "new Configuration()". In order to connect to a service requiring kerberos, the Configuration must have "hadoop.security.authentication" set to "kerberos" since the generic client uses hadoop-auth to do the authentication. But this will often not be set in the context of Solr, which may not even have a hadoop-related configuration around. So, we should handle the configuration in the same way as we do for the binding; namely, if the client intends to use kerberos, we set "hadoop.security.authentication" to "kerberos" Diffs (updated) ----- sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java 761b0a469bcbe978ad262c517434f1d9346aab84 sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryShellSolr.java ec786a546b9def25e5b4c9d22ae5b49b79982c88 Diff: https://reviews.apache.org/r/42933/diff/ Testing ------- Tested on a cluster where sentry-site.xml does not specify hadoop.security.authentication and there are no other Configuration files on the classpath. Thanks, Gregory Chanan
