[jira] [Resolved] (STORM-2563) Remove the workaround to handle missing UGI.loginUserFromSubject

Jungtaek Lim (JIRA) Wed, 21 Jun 2017 23:47:13 -0700

     [ 
https://issues.apache.org/jira/browse/STORM-2563?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jungtaek Lim resolved STORM-2563.
---------------------------------
       Resolution: Fixed
    Fix Version/s: 1.1.1
                   2.0.0

Thanks [~arunmahadevan], I merged into master and 1.x branch.

> Remove the workaround to handle missing UGI.loginUserFromSubject
> ----------------------------------------------------------------
>
>                 Key: STORM-2563
>                 URL: https://issues.apache.org/jira/browse/STORM-2563
>             Project: Apache Storm
>          Issue Type: Bug
>            Reporter: Arun Mahadevan
>            Assignee: Arun Mahadevan
>             Fix For: 2.0.0, 1.1.1
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> https://github.com/apache/storm/blob/master/storm-client/src/jvm/org/apache/storm/security/auth/kerberos/AutoTGT.java#L225
> The "userCons.setAccessible(true)" invokes constructor of a package private 
> class bypassing the Java access control checks and raising red flags in our 
> internal security scans.
> The "loginUserFromSubject(Subject subject)" has been added to UGI 
> (https://issues.apache.org/jira/browse/HADOOP-10164) and available since 
> Hadoop version 2.3 released over three years ago 
> (http://hadoop.apache.org/releases.html).
>  
> I think the workaround is no longer required since the case will not happen 
> when using hadoop-common versions >= 2.3



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (STORM-2563) Remove the workaround to handle missing UGI.loginUserFromSubject

Reply via email to