You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@phoenix.apache.org by "Istvan Toth (Jira)" <ji...@apache.org> on 2023/03/18 17:21:00 UTC
[jira] [Commented] (PHOENIX-6913) Follow up on Jetty/Hadoop kerberos principal hostname/realm issues
[ https://issues.apache.org/jira/browse/PHOENIX-6913?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17702151#comment-17702151 ]
Istvan Toth commented on PHOENIX-6913:
--------------------------------------
See the discussion on [https://github.com/apache/phoenix-queryserver/pull/123] for Josh's insights.
> Follow up on Jetty/Hadoop kerberos principal hostname/realm issues
> ------------------------------------------------------------------
>
> Key: PHOENIX-6913
> URL: https://issues.apache.org/jira/browse/PHOENIX-6913
> Project: Phoenix
> Issue Type: Task
> Components: queryserver
> Reporter: Istvan Toth
> Priority: Major
>
> With the new Jetty SPNEGO brought in with Avatica 1.20.0 +, we have to do some gymnasitics to get Hadoop to accept the principal.
> Review why Hadoop won't accept some user/host.name format principals, and whether Jetty stripping the realm from the principal as returned by is a bug or not.
> Also figure out whether having different users with the same username in different realms is even a possibility in Kerberos and Hadoop.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)