[
https://issues.apache.org/jira/browse/YARN-707?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13757909#comment-13757909
]
Jason Lowe commented on YARN-707:
---------------------------------
bq. Ug, the RM and AM are abusing the same secret manager impl. The RM wants
the secret key to be generated, whereas the AM really wants to verify it. 2.x
fixed this.
Right, this condition as well as the fact that the RM leaks keys in the secret
manager for each app (no way to remove them) is not new with this patch as it
was already pre-existing in 0.23. IMO those issues should be fixed in another
JIRA since they're not introduced by this change.
> Add user info in the YARN ClientToken
> -------------------------------------
>
> Key: YARN-707
> URL: https://issues.apache.org/jira/browse/YARN-707
> Project: Hadoop YARN
> Issue Type: Improvement
> Reporter: Bikas Saha
> Assignee: Jason Lowe
> Priority: Blocker
> Fix For: 3.0.0, 2.1.1-beta
>
> Attachments: YARN-707-20130822.txt, YARN-707-20130827.txt,
> YARN-707-20130828-2.txt, YARN-707-20130828.txt, YARN-707-20130829.txt,
> YARN-707-20130830.branch-0.23.txt
>
>
> If user info is present in the client token then it can be used to do limited
> authz in the AM.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
