[
https://issues.apache.org/jira/browse/HDFS-8572?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Haohui Mai updated HDFS-8572:
-----------------------------
Description:
In HDFS-7279 the Netty server in DN proxies all servlet requests to the local
Jetty instance.
The Jetty server is configured incorrectly so that it always uses
{{HTTP/locahost@REALM}} to authenticate spnego requests. As a result, servlets
like JMX are no longer accessible in secure deployments.
was:After HDFS-7279, the DN always uses {{HTTP/locahost@REALM}} to
authenticate spnego requests, which breaks all the security deployments.
> DN always uses HTTP/localhost@REALM principals in SPNEGO
> --------------------------------------------------------
>
> Key: HDFS-8572
> URL: https://issues.apache.org/jira/browse/HDFS-8572
> Project: Hadoop HDFS
> Issue Type: Bug
> Reporter: Haohui Mai
> Assignee: Haohui Mai
> Priority: Blocker
> Attachments: HDFS-8572.000.patch, HDFS-8572.001.patch,
> HDFS-8572.002.patch
>
>
> In HDFS-7279 the Netty server in DN proxies all servlet requests to the local
> Jetty instance.
> The Jetty server is configured incorrectly so that it always uses
> {{HTTP/locahost@REALM}} to authenticate spnego requests. As a result,
> servlets like JMX are no longer accessible in secure deployments.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
