[ 
https://issues.apache.org/jira/browse/HDFS-4056?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13477996#comment-13477996
 ] 

Kan Zhang commented on HDFS-4056:
---------------------------------

Let's use an example to explain. Suppose security is configured to be SIMPLE 
and a user is submitting a job that accesses HDFS. With this JIRA, here is what 
I think will happen (correct me if I'm wrong). 1) the job client will always 
fetch a NN delegation token for the job (it has to be one way or the other, 
either always fetch a token or never). 2) the job will always try to use the 
token to authenticate to NN. This is desirable for a) testing token 
implementation, but not when b) the user actually wants to run everything with 
SIMPLE without the overhead of tokens. In the latter case, NN's SecretManager 
shouldn't be instantiated and the job's connection to NN should always use 
SIMPLE and never fail due to expired tokens. (Based on the current code, even 
if the token expired, it will not automatically fall back to use SIMPLE, which 
is a good thing. Otherwise, it will add confusion.) To differentiate between 
case a) and b), I think we need to add a configurable option to specify what 
method should be used for subsequent (internal) auth. The existing option would 
then be used for specifying initial (external) auth. From a security point of 
view, SIMPLE + token doesn't add any value over SIMPLE + SIMPLE; its usefulness 
is only in testing.
                
> Always start the NN's SecretManager
> -----------------------------------
>
>                 Key: HDFS-4056
>                 URL: https://issues.apache.org/jira/browse/HDFS-4056
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>          Components: name-node
>    Affects Versions: 0.23.0, 2.0.0-alpha, 3.0.0
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>         Attachments: HDFS-4056.patch
>
>
> To support the ability to use tokens regardless of whether Kerberos is 
> enabled, the NN's secret manager should always be started.
