[
https://issues.apache.org/jira/browse/HDFS-5688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14327150#comment-14327150
]
Harsh J commented on HDFS-5688:
-------------------------------
This seems to be working just fine on my 2.5.0 cluster. Both JN and NN have the
same hadoop.rpc.protection configs and thereby avoids the error.
Unless you're still facing this [~jucaf], I'd propose we close this as 'Cannot
Reproduce'.
> Wire-encription in QJM
> ----------------------
>
> Key: HDFS-5688
> URL: https://issues.apache.org/jira/browse/HDFS-5688
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: ha, journal-node, security
> Affects Versions: 2.2.0
> Reporter: Juan Carlos Fernandez
> Priority: Blocker
> Labels: security
> Attachments: core-site.xml, hdfs-site.xml, jaas.conf, journal.xml,
> namenode.xml, ssl-client.xml, ssl-server.xml
>
>
> When HA is implemented with QJM and using kerberos, it's not possible to set
> wire-encrypted data.
> If it's set property hadoop.rpc.protection to something different to
> authentication it doesn't work propertly, getting the error:
> ERROR security.UserGroupInformation: PriviledgedActionException
> as:principal@REALM (auth:KERBEROS) cause:javax.security.sasl.SaslException:
> No common protection layer between client and ser
> With NFS as shared storage everything works like a charm
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
