[
https://issues.apache.org/jira/browse/YARN-2247?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14070165#comment-14070165
]
Zhijie Shen commented on YARN-2247:
-----------------------------------
[~vvasudev], thanks for your patience on my comments. The new patch looks
almost good to me. Just some nits:
1. Should not be necessary. Always load TimelineAuthenticationFilter. With
"simple" type, still the pseudo handler is to used.
{code}
+ if (authType.equals("simple") &&
!UserGroupInformation.isSecurityEnabled()) {
+ container.addFilter("authentication",
+ AuthenticationFilter.class.getName(), filterConfig);
+ return;
+ }
{code}
2. Check not null first for testMiniKDC and rm? Same for
TestRMWebappAuthentication
{code}
+ testMiniKDC.stop();
+ rm.stop();
{code}
3. I didn't find the logic to forbid it. Anyway, is it good to mention it in
the document as well?
{code}
+ // Test to make sure that we can't do delegation token
+ // functions using just delegation token auth
{code}
> Allow RM web services users to authenticate using delegation tokens
> -------------------------------------------------------------------
>
> Key: YARN-2247
> URL: https://issues.apache.org/jira/browse/YARN-2247
> Project: Hadoop YARN
> Issue Type: Sub-task
> Reporter: Varun Vasudev
> Assignee: Varun Vasudev
> Priority: Blocker
> Attachments: apache-yarn-2247.0.patch, apache-yarn-2247.1.patch,
> apache-yarn-2247.2.patch, apache-yarn-2247.3.patch
>
>
> The RM webapp should allow users to authenticate using delegation tokens to
> maintain parity with RPC.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
