You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@phoenix.apache.org by "Istvan Toth (Jira)" <ji...@apache.org> on 2023/03/18 17:21:00 UTC

[jira] [Commented] (PHOENIX-6913) Follow up on Jetty/Hadoop kerberos principal hostname/realm issues

    [ https://issues.apache.org/jira/browse/PHOENIX-6913?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17702151#comment-17702151 ] 

Istvan Toth commented on PHOENIX-6913:
--------------------------------------

See the discussion on [https://github.com/apache/phoenix-queryserver/pull/123] for Josh's insights.

> Follow up on Jetty/Hadoop kerberos principal hostname/realm issues
> ------------------------------------------------------------------
>
>                 Key: PHOENIX-6913
>                 URL: https://issues.apache.org/jira/browse/PHOENIX-6913
>             Project: Phoenix
>          Issue Type: Task
>          Components: queryserver
>            Reporter: Istvan Toth
>            Priority: Major
>
> With the new Jetty SPNEGO brought in with Avatica 1.20.0 +, we have to do some gymnasitics to get Hadoop to accept the principal.
> Review why Hadoop won't accept some user/host.name format principals, and whether Jetty stripping the realm from the principal as returned by  is a bug or not.
> Also figure out whether having different users with the same username in different realms is even a possibility in Kerberos and Hadoop.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)