Zhijie Shen commented on YARN-2247:

[~vvasudev], thanks for your patience on my comments. The new patch looks 
almost good to me. Just some nits:

1. Should not be necessary. Always load TimelineAuthenticationFilter. With 
"simple" type, still the pseudo handler is to used.
+    if (authType.equals("simple") && 
!UserGroupInformation.isSecurityEnabled()) {
+      container.addFilter("authentication",
+        AuthenticationFilter.class.getName(), filterConfig);
+      return;
+    }

2. Check not null first for testMiniKDC and rm? Same for 
+    testMiniKDC.stop();
+    rm.stop();

3. I didn't find the logic to forbid it. Anyway, is it good to mention it in 
the document as well?
+  // Test to make sure that we can't do delegation token
+  // functions using just delegation token auth

> Allow RM web services users to authenticate using delegation tokens
> -------------------------------------------------------------------
>                 Key: YARN-2247
>                 URL: https://issues.apache.org/jira/browse/YARN-2247
>             Project: Hadoop YARN
>          Issue Type: Sub-task
>            Reporter: Varun Vasudev
>            Assignee: Varun Vasudev
>            Priority: Blocker
>         Attachments: apache-yarn-2247.0.patch, apache-yarn-2247.1.patch, 
> apache-yarn-2247.2.patch, apache-yarn-2247.3.patch
> The RM webapp should allow users to authenticate using delegation tokens to 
> maintain parity with RPC.

This message was sent by Atlassian JIRA

Reply via email to