[
https://issues.apache.org/jira/browse/YARN-9385?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Eric Yang updated YARN-9385:
----------------------------
Attachment: YARN-9385.001.patch
> YARN Services with simple authentication doesn't respect current UGI
> --------------------------------------------------------------------
>
> Key: YARN-9385
> URL: https://issues.apache.org/jira/browse/YARN-9385
> Project: Hadoop YARN
> Issue Type: Improvement
> Components: security, yarn-native-services
> Reporter: Todd Lipcon
> Priority: Major
> Attachments: YARN-9385.001.patch
>
>
> The ApiServiceClient implementation appends the current username to the
> request URL for "simple" authentication. However, that username is derived
> from the 'user.name' system property instead of the current UGI. That means
> that username spoofing via the 'HADOOP_USER_NAME' variable doesn't take
> effect for HTTP-based calls in the same manner that it does for RPC-based
> calls.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
