You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Owen O'Malley (JIRA)" <ji...@apache.org> on 2010/03/03 18:28:27 UTC
[jira] Commented: (HADOOP-6603) Provide workaround for issue with
Kerberos not resolving cross-realm principal
[ https://issues.apache.org/jira/browse/HADOOP-6603?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12840745#action_12840745 ]
Owen O'Malley commented on HADOOP-6603:
---------------------------------------
I don't think that the check to make sure the 2 component of the krbtgt is the realm is necessary. Other than that, it looks good.
> Provide workaround for issue with Kerberos not resolving cross-realm principal
> ------------------------------------------------------------------------------
>
> Key: HADOOP-6603
> URL: https://issues.apache.org/jira/browse/HADOOP-6603
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Jakob Homan
> Attachments: HADOOP-6603-Y20S-2.patch, HADOOP-6603-Y20S-3.patch, HADOOP-6603-Y20S.patch
>
>
> Java's SSL-Kerberos implementation does not correctly obtain the principal for cross-realm principles when clients initiate connections to servers, resulting in the client being unable to authenticate the server. We need a work-around until this bug gets fixed.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.