[
https://issues.apache.org/jira/browse/HDFS-8572?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14581353#comment-14581353
]
Yongjun Zhang commented on HDFS-8572:
-------------------------------------
One question
{code}
private static String getHostnameForSpnegoPrincipal(Configuration conf) {
String addr = conf.getTrimmed(DFS_DATANODE_HTTP_ADDRESS_KEY, null);
if (addr == null) {
addr = conf.getTrimmed(DFS_DATANODE_HTTPS_ADDRESS_KEY,
DFS_DATANODE_HTTPS_ADDRESS_DEFAULT);
}
InetSocketAddress inetSocker = NetUtils.createSocketAddr(addr);
String hostName = inetSocker.getHostString();
return hostName;
}
{code}
Shouldn't this code check whether it's secure cluster or not then read the
corresponding config property, instead of checking "==nul" with one then try
the other?
Thanks.
> DN uses incorrect kerberos principals in spnego authentication
> --------------------------------------------------------------
>
> Key: HDFS-8572
> URL: https://issues.apache.org/jira/browse/HDFS-8572
> Project: Hadoop HDFS
> Issue Type: Bug
> Reporter: Haohui Mai
> Assignee: Haohui Mai
> Priority: Blocker
> Attachments: HDFS-8572.000.patch
>
>
> After HDFS-7279, the DN always uses {{HTTP/locahost@REALM}} to authenticate
> spnego requests, which breaks all the security deployments.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
