hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron T. Myers (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-9019) KerberosAuthenticator.doSpnegoSequence(..) should create a HTTP principal with hostname everytime
Date Mon, 12 Nov 2012 20:29:12 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-9019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13495596#comment-13495596

Aaron T. Myers commented on HADOOP-9019:

I agree with you, Allen, but I think the thing that Vinay is trying to do is use principals
that contain FQDNs, but put IP addresses in the config files for the hosts. My understanding
is that Vinay is proposing that we make Hadoop perform the reverse DNS lookup you're referring

Vinay: please correct me if I misunderstand your issue or proposal.
> KerberosAuthenticator.doSpnegoSequence(..) should create a HTTP principal with hostname
> --------------------------------------------------------------------------------------------------
>                 Key: HADOOP-9019
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9019
>             Project: Hadoop Common
>          Issue Type: Bug
>            Reporter: Vinay
> in KerberosAuthenticator.doSpnegoSequence(..) following line of code will just create
a principal of the form "HTTP/<host>",
> {code}            String servicePrincipal = KerberosUtil.getServicePrincipal("HTTP",
>                 KerberosAuthenticator.this.url.getHost());{code}
>  but uri.getHost() is not sure of always getting hostname. If uri contains IP, then it
just returns IP.
> For SPNEGO authentication principal should always be created with <hostname>.
> This code should be something like this, which will look /etc/hosts to get hostname
> {code}            String hostname = InetAddress.getByName(
>                 KerberosAuthenticator.this.url.getHost()).getHostName();
> String servicePrincipal = KerberosUtil.getServicePrincipal("HTTP",
>                 hostname);{code}

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message