[
https://issues.apache.org/jira/browse/HDFS-1023?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jakob Homan updated HDFS-1023:
------------------------------
Attachment: HDFS-1023-Y20.patch
Patch implementing above, plus some better logging and extra security check,
for Y20 distro. Trunk patch soon. Unit tests not applicable... sigh.
> Allow http server to start as regular principal if https principal not
> defined.
> -------------------------------------------------------------------------------
>
> Key: HDFS-1023
> URL: https://issues.apache.org/jira/browse/HDFS-1023
> Project: Hadoop HDFS
> Issue Type: Improvement
> Reporter: Jakob Homan
> Assignee: Jakob Homan
> Attachments: HDFS-1023-Y20.patch
>
>
> Currently limitations in Sun's KerbSSL implementation require the https
> server to be run as "host/[machi...@realm." and another Sun KerbSSL
> limitation appears to require you to store all principals in the same keytab,
> meaning fully functional, secured Namenodes require combined keytabs.
> However, it may be that one wishes to run a namenode without a secondary
> namenode or other utilities that require https. In this case, we should
> allow the http server to start and log a warning that it will not be able to
> accept https connections.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
