You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-dev@hadoop.apache.org by "Juan Carlos Fernandez (JIRA)" <ji...@apache.org> on 2014/05/12 11:35:15 UTC
[jira] [Reopened] (HDFS-5688) Wire-encription in QJM
[ https://issues.apache.org/jira/browse/HDFS-5688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Juan Carlos Fernandez reopened HDFS-5688:
-----------------------------------------
Why has being marked as closed? I wasn't able to run QJM + SSL
> Wire-encription in QJM
> ----------------------
>
> Key: HDFS-5688
> URL: https://issues.apache.org/jira/browse/HDFS-5688
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: ha, journal-node, security
> Affects Versions: 2.2.0
> Reporter: Juan Carlos Fernandez
> Priority: Blocker
> Labels: security
> Attachments: core-site.xml, hdfs-site.xml, jaas.conf, journal.xml, namenode.xml, ssl-client.xml, ssl-server.xml
>
>
> When HA is implemented with QJM and using kerberos, it's not possible to set wire-encrypted data.
> If it's set property hadoop.rpc.protection to something different to authentication it doesn't work propertly, getting the error:
> ERROR security.UserGroupInformation: PriviledgedActionException as:principal@REALM (auth:KERBEROS) cause:javax.security.sasl.SaslException: No common protection layer between client and server
> With NFS as shared storage everything works like a charm
--
This message was sent by Atlassian JIRA
(v6.2#6252)