[
https://issues.apache.org/jira/browse/YARN-707?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jason Lowe updated YARN-707:
----------------------------
Attachment: YARN-707-20130827.txt
Patch to change the client-to-AM token user to be the user that requested the
token and not the app submitter or app ID. It also persists the master key
that was handed to the app attempt when it registered and that was used to
generate the token.
Updated the unit tests to verify the key is persisted properly, and also
manually tested this with the patch from MAPREDUCE-5475 to verify appmasters
can now perform ACL checks properly since they can now identify users who
connect as clients.
> Add user info in the YARN ClientToken
> -------------------------------------
>
> Key: YARN-707
> URL: https://issues.apache.org/jira/browse/YARN-707
> Project: Hadoop YARN
> Issue Type: Improvement
> Reporter: Bikas Saha
> Assignee: Jason Lowe
> Fix For: 3.0.0, 2.1.1-beta
>
> Attachments: YARN-707-20130822.txt, YARN-707-20130827.txt
>
>
> If user info is present in the client token then it can be used to do limited
> authz in the AM.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
