[
https://issues.apache.org/jira/browse/HDFS-6666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14359352#comment-14359352
]
Arpit Agarwal commented on HDFS-6666:
-------------------------------------
+1 from me too.
In the spirit of reducing redundant configuration, can we just assume block
access tokens are enabled when security is on (even if the setting is 'off'')?
> Abort NameNode and DataNode startup if security is enabled but block access
> token is not enabled.
> -------------------------------------------------------------------------------------------------
>
> Key: HDFS-6666
> URL: https://issues.apache.org/jira/browse/HDFS-6666
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: datanode, namenode, security
> Affects Versions: 3.0.0, 2.5.0
> Reporter: Chris Nauroth
> Priority: Minor
>
> Currently, if security is enabled by setting hadoop.security.authentication
> to kerberos, but HDFS block access tokens are disabled by setting
> dfs.block.access.token.enable to false (which is the default), then the
> NameNode logs an error and proceeds, and the DataNode proceeds without even
> logging an error. This jira proposes that this it's invalid to turn on
> security but not turn on block access tokens, and that it would be better to
> fail fast and abort the daemons during startup if this happens.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
