[
https://issues.apache.org/jira/browse/HDFS-10451?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
James Clampffer updated HDFS-10451:
-----------------------------------
Parent Issue: HDFS-14032 (was: HDFS-8707)
> libhdfs++: Look up kerberos principal by username
> -------------------------------------------------
>
> Key: HDFS-10451
> URL: https://issues.apache.org/jira/browse/HDFS-10451
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: hdfs-client
> Reporter: Bob Hansen
> Priority: Major
>
> SaslProtocol::Negotiate passes the user name directly to the sasl_engine for
> authentication; the SASL engines require that.
> HDFS maps princpals to usernames by stripping off the realm and hostname. We
> should query the ccache for all available tickets, and find the one that best
> matches the passed-in username using the HDFS semantics. e.g. if the
> username is client1, and we have a ticket for
> client1/machine1.foo....@foo.com, we should use that ticket.
> If multiple tickets match, the one that most exactly matches the username
> (host, realm) should be used.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
