[
https://issues.apache.org/jira/browse/HDFS-5688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13877775#comment-13877775
]
Haohui Mai commented on HDFS-5688:
----------------------------------
There are multiple tests covering this feature (i.e., wire-encryption over
RPC), therefore I believe that it might be a configuration error.
Can you post your configuration?
> Wire-encription in QJM
> ----------------------
>
> Key: HDFS-5688
> URL: https://issues.apache.org/jira/browse/HDFS-5688
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: ha, journal-node, security
> Affects Versions: 2.2.0
> Reporter: Juan Carlos Fernandez
> Priority: Blocker
> Labels: security
>
> When HA is implemented with QJM and using kerberos, it's not possible to set
> wire-encrypted data.
> If it's set property hadoop.rpc.protection to something different to
> authentication it doesn't work propertly, getting the error:
> ERROR security.UserGroupInformation: PriviledgedActionException
> as:principal@REALM (auth:KERBEROS) cause:javax.security.sasl.SaslException:
> No common protection layer between client and server
> With NFS as shared storage everything works like a charm
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
