[
https://issues.apache.org/jira/browse/YARN-2156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14030639#comment-14030639
]
Daryn Sharp commented on YARN-2156:
-----------------------------------
A warning doesn't make sense because it implies there is something you should
change. There's not. The config setting, whether explicitly set or not, is
entirely irrelevant. By design, yarn always uses tokens and these tokens carry
essential information that is not otherwise obtainable for non-token
authenticated connections. That's why token authentication is explicitly set.
> ApplicationMasterService#serviceStart() method has hardcoded AuthMethod.TOKEN
> as security configuration
> -------------------------------------------------------------------------------------------------------
>
> Key: YARN-2156
> URL: https://issues.apache.org/jira/browse/YARN-2156
> Project: Hadoop YARN
> Issue Type: Bug
> Reporter: Svetozar Ivanov
>
> org.apache.hadoop.yarn.server.resourcemanager.ApplicationMasterService#serviceStart()
> method has mistakenly hardcoded AuthMethod.TOKEN as Hadoop security
> authentication.
> It looks like that:
> {code}
> @Override
> protected void serviceStart() throws Exception {
> Configuration conf = getConfig();
> YarnRPC rpc = YarnRPC.create(conf);
> InetSocketAddress masterServiceAddress = conf.getSocketAddr(
> YarnConfiguration.RM_SCHEDULER_ADDRESS,
> YarnConfiguration.DEFAULT_RM_SCHEDULER_ADDRESS,
> YarnConfiguration.DEFAULT_RM_SCHEDULER_PORT);
> Configuration serverConf = conf;
> // If the auth is not-simple, enforce it to be token-based.
> serverConf = new Configuration(conf);
> serverConf.set(
> CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
> SaslRpcServer.AuthMethod.TOKEN.toString());
>
> ...
> }
> {code}
> Obviously such code makes sense only if
> CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION config setting
> is missing.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
