[
https://issues.apache.org/jira/browse/YARN-7862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16347248#comment-16347248
]
Eric Yang commented on YARN-7862:
---------------------------------
[~sunilg] I don't think we ever said user.name is mandatory. In the absence of
external authenticators and delegation token, then user.name is required. The
UI must display 401 Unauthorized challenge to prevent information leak to
anonymous user.
> YARN native service REST endpoint needs user.name as query param
> ----------------------------------------------------------------
>
> Key: YARN-7862
> URL: https://issues.apache.org/jira/browse/YARN-7862
> Project: Hadoop YARN
> Issue Type: Bug
> Components: yarn-native-services
> Reporter: Sunil G
> Priority: Major
>
> While accessing below yarn rest end point with POST method type,
> {code:java}
> http://rm_ip:8088/app/v1/services{code}
> below error is coming in non-secure cluster.
> {noformat}
> {
> "diagnostics": "Null user"
> }{noformat}
> When *user.name* is provided as query param with *dr.who* we can see that
> yarn started service with proxy user, not dr.who.
> In non-secure cluster, native service should ideally take the user from
> remote ugi.
> in secure cluster, its better to derive user from kerberized shell.
>
> cc/ [~jianhe] [~eyang]
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
