You are viewing a plain text version of this content. The canonical link for it is here.

Posted to hdfs-dev@hadoop.apache.org by "Juan Carlos Fernandez (JIRA)" <ji...@apache.org> on 2014/05/12 11:35:15 UTC

[jira] [Reopened] (HDFS-5688) Wire-encription in QJM

     [ https://issues.apache.org/jira/browse/HDFS-5688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Juan Carlos Fernandez reopened HDFS-5688:
-----------------------------------------


Why has being marked as closed? I wasn't able to run QJM + SSL

> Wire-encription in QJM
> ----------------------
>
>                 Key: HDFS-5688
>                 URL: https://issues.apache.org/jira/browse/HDFS-5688
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: ha, journal-node, security
>    Affects Versions: 2.2.0
>            Reporter: Juan Carlos Fernandez
>            Priority: Blocker
>              Labels: security
>         Attachments: core-site.xml, hdfs-site.xml, jaas.conf, journal.xml, namenode.xml, ssl-client.xml, ssl-server.xml
>
>
> When HA is implemented with QJM and using kerberos, it's not possible to set wire-encrypted data.
> If it's set property hadoop.rpc.protection to something different to authentication it doesn't work propertly, getting the error:
> ERROR security.UserGroupInformation: PriviledgedActionException as:principal@REALM (auth:KERBEROS) cause:javax.security.sasl.SaslException: No common protection layer between client and server
> With NFS as shared storage everything works like a charm



--
This message was sent by Atlassian JIRA
(v6.2#6252)