[
https://issues.apache.org/jira/browse/HDFS-5688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Juan Carlos Fernandez updated HDFS-5688:
----------------------------------------
Attachment: ssl-server.xml
ssl-client.xml
jaas.conf
hdfs-site.xml
core-site.xml
Also in my bash_profile I have export HADOOP_OPTS="$HADOOP_OPTS
-Djava.security.auth.login.config=/opt/hadoop/etc/hadoop/jaas.conf"
Do you need more configurations or environment parameters?
> Wire-encription in QJM
> ----------------------
>
> Key: HDFS-5688
> URL: https://issues.apache.org/jira/browse/HDFS-5688
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: ha, journal-node, security
> Affects Versions: 2.2.0
> Reporter: Juan Carlos Fernandez
> Priority: Blocker
> Labels: security
> Attachments: core-site.xml, hdfs-site.xml, jaas.conf, ssl-client.xml,
> ssl-server.xml
>
>
> When HA is implemented with QJM and using kerberos, it's not possible to set
> wire-encrypted data.
> If it's set property hadoop.rpc.protection to something different to
> authentication it doesn't work propertly, getting the error:
> ERROR security.UserGroupInformation: PriviledgedActionException
> as:principal@REALM (auth:KERBEROS) cause:javax.security.sasl.SaslException:
> No common protection layer between client and server
> With NFS as shared storage everything works like a charm
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
