[
https://issues.apache.org/jira/browse/YARN-707?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13758209#comment-13758209
]
Jason Lowe commented on YARN-707:
---------------------------------
Thanks for the review, Daryn.
bq. ClientToAMTokenIdentifier#getUser() doesn't do a null check on the client
name (because it can't be null) but should perhaps still check isEmpty()?
Will fix that.
bq. Is ResourceManager#clientToAMSecretManager still needed now that it's in
the context?
Technically no, but all the other pieces of the context are also fields of
ResourceManager so it's consistent with those.
bq. Now that the client token is generated in RMAppAttemptImpl - should it
contain the attemptId, not the appId?
The original client tokens in 0.23 were per-app and not per-app-attempt, and I
didn't want to change that association as part of this change.
> Add user info in the YARN ClientToken
> -------------------------------------
>
> Key: YARN-707
> URL: https://issues.apache.org/jira/browse/YARN-707
> Project: Hadoop YARN
> Issue Type: Improvement
> Reporter: Bikas Saha
> Assignee: Jason Lowe
> Priority: Blocker
> Fix For: 3.0.0, 2.1.1-beta
>
> Attachments: YARN-707-20130822.txt, YARN-707-20130827.txt,
> YARN-707-20130828-2.txt, YARN-707-20130828.txt, YARN-707-20130829.txt,
> YARN-707-20130830.branch-0.23.txt
>
>
> If user info is present in the client token then it can be used to do limited
> authz in the AM.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
