[ https://issues.apache.org/jira/browse/YARN-2247?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14070165#comment-14070165 ]
Zhijie Shen commented on YARN-2247: ----------------------------------- [~vvasudev], thanks for your patience on my comments. The new patch looks almost good to me. Just some nits: 1. Should not be necessary. Always load TimelineAuthenticationFilter. With "simple" type, still the pseudo handler is to used. {code} + if (authType.equals("simple") && !UserGroupInformation.isSecurityEnabled()) { + container.addFilter("authentication", + AuthenticationFilter.class.getName(), filterConfig); + return; + } {code} 2. Check not null first for testMiniKDC and rm? Same for TestRMWebappAuthentication {code} + testMiniKDC.stop(); + rm.stop(); {code} 3. I didn't find the logic to forbid it. Anyway, is it good to mention it in the document as well? {code} + // Test to make sure that we can't do delegation token + // functions using just delegation token auth {code} > Allow RM web services users to authenticate using delegation tokens > ------------------------------------------------------------------- > > Key: YARN-2247 > URL: https://issues.apache.org/jira/browse/YARN-2247 > Project: Hadoop YARN > Issue Type: Sub-task > Reporter: Varun Vasudev > Assignee: Varun Vasudev > Priority: Blocker > Attachments: apache-yarn-2247.0.patch, apache-yarn-2247.1.patch, > apache-yarn-2247.2.patch, apache-yarn-2247.3.patch > > > The RM webapp should allow users to authenticate using delegation tokens to > maintain parity with RPC. -- This message was sent by Atlassian JIRA (v6.2#6252)