You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@flink.apache.org by "Victor Wong (JIRA)" <ji...@apache.org> on 2019/04/19 01:19:00 UTC
[jira] [Comment Edited] (FLINK-12130) Apply command line options to
configuration before installing security modules
[ https://issues.apache.org/jira/browse/FLINK-12130?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16817050#comment-16817050 ]
Victor Wong edited comment on FLINK-12130 at 4/19/19 1:18 AM:
--------------------------------------------------------------
Hi [~aljoscha], I have created a PR with your advice, [https://github.com/apache/flink/pull/8166|https://github.com/apache/flink/pull/8166.]
I tried to make the patch as simple as possible, but it seems like I "failed", because I have to change the behavior of `org.apache.flink.client.cli.CliFrontend#parseParameters` to return the correct `CommandLine` for different actions.
Maybe there is a better way, looking forward to your advice.
was (Author: victor-wong):
Hi [~aljoscha], I have created a PR with your advice, [https://github.com/apache/flink/pull/8166.]
I tried to make the patch as simple as possible, but it seems like I "failed", because I have to change the behavior of `org.apache.flink.client.cli.CliFrontend#parseParameters` to return the correct `CommandLine` for different actions.
Maybe there is a better way, looking forward to your advice.
> Apply command line options to configuration before installing security modules
> ------------------------------------------------------------------------------
>
> Key: FLINK-12130
> URL: https://issues.apache.org/jira/browse/FLINK-12130
> Project: Flink
> Issue Type: Improvement
> Components: Command Line Client
> Reporter: Victor Wong
> Assignee: Victor Wong
> Priority: Major
>
> Currently if the user configures Kerberos credentials through command line, it won't work.
> {code:java}
> // flink run -m yarn-cluster -yD security.kerberos.login.keytab=/path/to/keytab -yD security.kerberos.login.principal=xxx /path/to/test.jar
> {code}
> Above command would cause security failure if you do not have a ticket cache w/ kinit.
> Maybe we could call _org.apache.flink.client.cli.AbstractCustomCommandLine#applyCommandLineOptionsToConfiguration_ before _SecurityUtils.install(new SecurityConfiguration(cli.configuration));_
> Here is a demo patch: [https://github.com/jiasheng55/flink/commit/ef6880dba8a1f36849f5d1bb308405c421b29986]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)