[
https://issues.apache.org/jira/browse/HDFS-9085?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14791503#comment-14791503
]
Chris Nauroth commented on HDFS-9085:
-------------------------------------
Hello [~zxu]. Thank you for the patch. This looks helpful.
Unfortunately, there is a small backwards-compatibility concern. The return
value of {{DelegationTokenIdentifier#toString}} is output to the console by the
{{hdfs fetchdt --print}} command. If an administrator had written any
scripting that relies on parsing that output, then this change could break it.
I think that prevents us from committing to branch-2, though a commit to trunk
would still be possible.
> Show renewer information in DelegationTokenIdentifier#toString
> --------------------------------------------------------------
>
> Key: HDFS-9085
> URL: https://issues.apache.org/jira/browse/HDFS-9085
> Project: Hadoop HDFS
> Issue Type: Improvement
> Reporter: zhihai xu
> Assignee: zhihai xu
> Priority: Trivial
> Attachments: HDFS-9085.001.patch
>
>
> Show renewer information in {{DelegationTokenIdentifier#toString}}. Currently
> {{org.apache.hadoop.hdfs.security.token.delegation.DelegationTokenIdentifier}}
> didn't show the renewer information. It will be very useful to have renewer
> information to debug security related issue. Because the renewer will be
> filtered by "hadoop.security.auth_to_local", it will be helpful to show the
> real renewer info after applying the rules.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
