Hi Vinod,
Have a ResourceManager with Secure Http and
KerberosAuthenticationHandler. Have disabled
yarn.resourcemanager.webapp.delegation-token-auth.filter.enabled
(KerberosDelegationTokenAuthenticationHandler). So RM HttpServer will fail
the Http Requests having only Delegation Token and not Kerberos
Credentials. Will this
affect any other components / jobs. What are the areas which really require
KerberosDelegationTokenAuthenticationHandler for Http Secure Authentication.
Thanks,
Prabhu Joseph
On Thu, May 23, 2019 at 12:35 AM Vinod Kumar Vavilapalli <[email protected]>
wrote:
> Not sure what your question really is.
>
> KerberosDelegationTokenAuthenticationHandler was created mainly to add
> delegation-token support on top of KerberosAuthenticationHandler.
>
> Thanks
> +Vinod
>
> > On May 22, 2019, at 10:58 AM, Prabhu Joseph <[email protected]>
> wrote:
> >
> > Hi,
> >
> > Was testing YARN RM with Http AuthenticationFilter set with
> > KerberosAuthenticationHandler which authenticates only through Kerberos
> and
> > not Delegation Token. Have observed everything like Yarn jobs, yarn
> > commands, UI and Rest API working fine with this setup with valid
> kerberos
> > ticket.
> >
> > Want to understand where the impact is then when not using
> > KerberosDelegationTokenAuthenticationHandler.
> >
> > Thanks,
> > Prabhu Joseph
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
>
