You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Arpit Agarwal (JIRA)" <ji...@apache.org> on 2015/11/25 20:58:11 UTC
[jira] [Commented] (HADOOP-10776) Open up Delegation token fetching
and renewal to STORM (Possibly others)
[ https://issues.apache.org/jira/browse/HADOOP-10776?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15027493#comment-15027493 ]
Arpit Agarwal commented on HADOOP-10776:
----------------------------------------
+1 on marking them public. Apart from downstream projects many applications have come to rely on these interfaces.
> Open up Delegation token fetching and renewal to STORM (Possibly others)
> ------------------------------------------------------------------------
>
> Key: HADOOP-10776
> URL: https://issues.apache.org/jira/browse/HADOOP-10776
> Project: Hadoop Common
> Issue Type: Improvement
> Reporter: Robert Joseph Evans
> Priority: Blocker
>
> Storm would like to be able to fetch delegation tokens and forward them on to running topologies so that they can access HDFS (STORM-346). But to do so we need to open up access to some of APIs.
> Most notably FileSystem.addDelegationTokens(), Token.renew, Credentials.getAllTokens, and UserGroupInformation but there may be others.
> At a minimum adding in storm to the list of allowed API users. But ideally making them public. Restricting access to such important functionality to just MR really makes secure HDFS inaccessible to anything except MR, or tools that reuse MR input formats.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)