[jira] [Updated] (HDFS-5688) Wire-encription in QJM

Wed, 20 Aug 2014 19:27:47 -0700 

     [ 
https://issues.apache.org/jira/browse/HDFS-5688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

ilovehadoop updated HDFS-5688:
------------------------------

    Description: 
When HA is implemented with QJM and using kerberos, it's not possible to set 
wire-encrypted data.
If it's set property hadoop.rpc.protection to something different to 
authentication it doesn't work propertly, getting the error:

ERROR security.UserGroupInformation: PriviledgedActionException 
as:principal@REALM (auth:KERBEROS) cause:javax.security.sasl.SaslException: No 
common protection layer between client and ser

With NFS as shared storage everything works like a charm

  was:
When HA is implemented with QJM and using kerberos, it's not possible to set 
wire-encrypted data.
If it's set property hadoop.rpc.protection to something different to 
authentication it doesn't work propertly, getting the error:

ERROR security.UserGroupInformation: PriviledgedActionException 
as:principal@REALM (auth:KERBEROS) cause:javax.security.sasl.SaslException: No 
common protection layer between client and server

With NFS as shared storage everything works like a charm


> Wire-encription in QJM
> ----------------------
>
>                 Key: HDFS-5688
>                 URL: https://issues.apache.org/jira/browse/HDFS-5688
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: ha, journal-node, security
>    Affects Versions: 2.2.0
>            Reporter: Juan Carlos Fernandez
>            Priority: Blocker
>              Labels: security
>         Attachments: core-site.xml, hdfs-site.xml, jaas.conf, journal.xml, 
> namenode.xml, ssl-client.xml, ssl-server.xml
>
>
> When HA is implemented with QJM and using kerberos, it's not possible to set 
> wire-encrypted data.
> If it's set property hadoop.rpc.protection to something different to 
> authentication it doesn't work propertly, getting the error:
> ERROR security.UserGroupInformation: PriviledgedActionException 
> as:principal@REALM (auth:KERBEROS) cause:javax.security.sasl.SaslException: 
> No common protection layer between client and ser
> With NFS as shared storage everything works like a charm



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to