[
https://issues.apache.org/jira/browse/HDFS-13358?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16722857#comment-16722857
]
Surendra Singh Lilhore commented on HDFS-13358:
-----------------------------------------------
Thanks [~crh] for working on this jira.
We tested this patch and its working fine. We found one issue related to znode
ACL and reported same in HADOOP-16001.
Actually we got auth failed for znode and its because ofÂ
ZKDelegationTokenSecretManager. *ZKDelegationTokenSecretManager* using first
part of principal for setting zonde ACL's and zookeeper is using complete
principal for verifying auth. In zookeeper
*{{zookeeper.security.auth_to_local}}* is used to get user name from principal,
same way in hadoop *{{hadoop.security.auth_to_local}}* used to get user name
from principal. *ZKDelegationTokenSecretManager* also should use
*{{hadoop.security.auth_to_local}}* property to get user name and set acl.
> RBF: Support for Delegation Token (RPC)
> ---------------------------------------
>
> Key: HDFS-13358
> URL: https://issues.apache.org/jira/browse/HDFS-13358
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Reporter: Sherwood Zheng
> Assignee: CR Hota
> Priority: Major
> Attachments: HDFS-13358-HDFS-13891.001.patch,
> HDFS-13358-HDFS-13891.002.patch, HDFS-13358-HDFS-13891.003.patch, RBF_
> Delegation token design.pdf
>
>
> HDFS Router should support issuing / managing HDFS delegation tokens.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
