[jira] [Commented] (YARN-2156) ApplicationMasterService#serviceStart() method has hardcoded AuthMethod.TOKEN as security configuration

2014-06-13 Thread Daryn Sharp (JIRA) 

[ 
https://issues.apache.org/jira/browse/YARN-2156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14030639#comment-14030639
 ] 

Daryn Sharp commented on YARN-2156:
---

A warning doesn't make sense because it implies there is something you should 
change.  There's not.  The config setting, whether explicitly set or not, is 
entirely irrelevant.  By design, yarn always uses tokens and these tokens carry 
essential information that is not otherwise obtainable for non-token 
authenticated connections.  That's why token authentication is explicitly set.

> ApplicationMasterService#serviceStart() method has hardcoded AuthMethod.TOKEN 
> as security configuration
> ---
>
> Key: YARN-2156
> URL: https://issues.apache.org/jira/browse/YARN-2156
> Project: Hadoop YARN
>  Issue Type: Bug
>Reporter: Svetozar Ivanov
>
> org.apache.hadoop.yarn.server.resourcemanager.ApplicationMasterService#serviceStart()
>  method has mistakenly hardcoded AuthMethod.TOKEN as Hadoop security 
> authentication. 
> It looks like that:
> {code}
> @Override
>   protected void serviceStart() throws Exception {
> Configuration conf = getConfig();
> YarnRPC rpc = YarnRPC.create(conf);
> InetSocketAddress masterServiceAddress = conf.getSocketAddr(
> YarnConfiguration.RM_SCHEDULER_ADDRESS,
> YarnConfiguration.DEFAULT_RM_SCHEDULER_ADDRESS,
> YarnConfiguration.DEFAULT_RM_SCHEDULER_PORT);
> Configuration serverConf = conf;
> // If the auth is not-simple, enforce it to be token-based.
> serverConf = new Configuration(conf);
> serverConf.set(
> CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
> SaslRpcServer.AuthMethod.TOKEN.toString());
> 
> ...
> }
> {code}
> Obviously such code makes sense only if 
> CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION config setting 
> is missing.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Commented] (YARN-2156) ApplicationMasterService#serviceStart() method has hardcoded AuthMethod.TOKEN as security configuration

2014-06-12 Thread Svetozar Ivanov (JIRA) 

[ 
https://issues.apache.org/jira/browse/YARN-2156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14030286#comment-14030286
 ] 

Svetozar Ivanov commented on YARN-2156:
---

Hm, I would expect a warning message in my logs if is like you said. That's 
because my configuration settings are completely ignored.

> ApplicationMasterService#serviceStart() method has hardcoded AuthMethod.TOKEN 
> as security configuration
> ---
>
> Key: YARN-2156
> URL: https://issues.apache.org/jira/browse/YARN-2156
> Project: Hadoop YARN
>  Issue Type: Bug
>Reporter: Svetozar Ivanov
>
> org.apache.hadoop.yarn.server.resourcemanager.ApplicationMasterService#serviceStart()
>  method has mistakenly hardcoded AuthMethod.TOKEN as Hadoop security 
> authentication. 
> It looks like that:
> {code}
> @Override
>   protected void serviceStart() throws Exception {
> Configuration conf = getConfig();
> YarnRPC rpc = YarnRPC.create(conf);
> InetSocketAddress masterServiceAddress = conf.getSocketAddr(
> YarnConfiguration.RM_SCHEDULER_ADDRESS,
> YarnConfiguration.DEFAULT_RM_SCHEDULER_ADDRESS,
> YarnConfiguration.DEFAULT_RM_SCHEDULER_PORT);
> Configuration serverConf = conf;
> // If the auth is not-simple, enforce it to be token-based.
> serverConf = new Configuration(conf);
> serverConf.set(
> CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
> SaslRpcServer.AuthMethod.TOKEN.toString());
> 
> ...
> }
> {code}
> Obviously such code makes sense only if 
> CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION config setting 
> is missing.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Commented] (YARN-2156) ApplicationMasterService#serviceStart() method has hardcoded AuthMethod.TOKEN as security configuration

2014-06-12 Thread Daryn Sharp (JIRA) 

[ 
https://issues.apache.org/jira/browse/YARN-2156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14029913#comment-14029913
 ] 

Daryn Sharp commented on YARN-2156:
---

Yes, this is by design.  Yarn uses tokens regardless of your security setting.

> ApplicationMasterService#serviceStart() method has hardcoded AuthMethod.TOKEN 
> as security configuration
> ---
>
> Key: YARN-2156
> URL: https://issues.apache.org/jira/browse/YARN-2156
> Project: Hadoop YARN
>  Issue Type: Bug
>Reporter: Svetozar Ivanov
>
> org.apache.hadoop.yarn.server.resourcemanager.ApplicationMasterService#serviceStart()
>  method has mistakenly hardcoded AuthMethod.TOKEN as Hadoop security 
> authentication. 
> It looks like that:
> {code}
> @Override
>   protected void serviceStart() throws Exception {
> Configuration conf = getConfig();
> YarnRPC rpc = YarnRPC.create(conf);
> InetSocketAddress masterServiceAddress = conf.getSocketAddr(
> YarnConfiguration.RM_SCHEDULER_ADDRESS,
> YarnConfiguration.DEFAULT_RM_SCHEDULER_ADDRESS,
> YarnConfiguration.DEFAULT_RM_SCHEDULER_PORT);
> Configuration serverConf = conf;
> // If the auth is not-simple, enforce it to be token-based.
> serverConf = new Configuration(conf);
> serverConf.set(
> CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
> SaslRpcServer.AuthMethod.TOKEN.toString());
> 
> ...
> }
> {code}
> Obviously such code makes sense only if 
> CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION config setting 
> is missing.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Commented] (YARN-2156) ApplicationMasterService#serviceStart() method has hardcoded AuthMethod.TOKEN as security configuration

2014-06-12 Thread Jian He (JIRA) 

[ 
https://issues.apache.org/jira/browse/YARN-2156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14029796#comment-14029796
 ] 

Jian He commented on YARN-2156:
---

Svetozar, I think this is expected because AMRMToken today is used in both 
secure and non-secure environment.

> ApplicationMasterService#serviceStart() method has hardcoded AuthMethod.TOKEN 
> as security configuration
> ---
>
> Key: YARN-2156
> URL: https://issues.apache.org/jira/browse/YARN-2156
> Project: Hadoop YARN
>  Issue Type: Bug
>Reporter: Svetozar Ivanov
>
> org.apache.hadoop.yarn.server.resourcemanager.ApplicationMasterService#serviceStart()
>  method has mistakenly hardcoded AuthMethod.TOKEN as Hadoop security 
> authentication. 
> It looks like that:
> {code}
> @Override
>   protected void serviceStart() throws Exception {
> Configuration conf = getConfig();
> YarnRPC rpc = YarnRPC.create(conf);
> InetSocketAddress masterServiceAddress = conf.getSocketAddr(
> YarnConfiguration.RM_SCHEDULER_ADDRESS,
> YarnConfiguration.DEFAULT_RM_SCHEDULER_ADDRESS,
> YarnConfiguration.DEFAULT_RM_SCHEDULER_PORT);
> Configuration serverConf = conf;
> // If the auth is not-simple, enforce it to be token-based.
> serverConf = new Configuration(conf);
> serverConf.set(
> CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
> SaslRpcServer.AuthMethod.TOKEN.toString());
> 
> ...
> }
> {code}
> Obviously such code makes sense only if 
> CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION config setting 
> is missing.



--
This message was sent by Atlassian JIRA
(v6.2#6252)