You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@storm.apache.org by kishorvpatil <gi...@git.apache.org> on 2018/08/28 16:40:57 UTC
[GitHub] storm pull request #2814: [STORM-3207] Fix Sasl Plugin to use WorkerToken
GitHub user kishorvpatil opened a pull request:
https://github.com/apache/storm/pull/2814
[STORM-3207] Fix Sasl Plugin to use WorkerToken
The `doAsUser` is null for DRPCClient. If WorkerToken is found, it should use it.
Also, setting on `addServerDefinition` to `localhost` literal string is incorrect on server side.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/kishorvpatil/incubator-storm storm3207
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/storm/pull/2814.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #2814
----
commit 9f815caafe82164e1b22ddfacdc227f28cb4afad
Author: Kishor Patil <kp...@...>
Date: 2018-08-28T16:34:52Z
Fix Sasl Plugin to use WorkerToken
----
---
[GitHub] storm issue #2814: [STORM-3207] Fix Sasl Plugin to use WorkerToken
Posted by revans2 <gi...@git.apache.org>.
Github user revans2 commented on the issue:
https://github.com/apache/storm/pull/2814
Thanks for finding and fixing these bugs.
---
[GitHub] storm pull request #2814: [STORM-3207] Fix Sasl Plugin to use WorkerToken
Posted by asfgit <gi...@git.apache.org>.
Github user asfgit closed the pull request at:
https://github.com/apache/storm/pull/2814
---
[GitHub] storm pull request #2814: [STORM-3207] Fix Sasl Plugin to use WorkerToken
Posted by revans2 <gi...@git.apache.org>.
Github user revans2 commented on a diff in the pull request:
https://github.com/apache/storm/pull/2814#discussion_r214079084
--- Diff: storm-client/src/jvm/org/apache/storm/security/auth/kerberos/KerberosSaslTransportPlugin.java ---
@@ -119,7 +119,7 @@ private Login mkLogin() throws IOException {
@Override
public TTransport connect(TTransport transport, String serverHost, String asUser) throws IOException, TTransportException {
WorkerToken token = WorkerTokenClientCallbackHandler.findWorkerTokenInSubject(type);
- if (token != null && asUser != null) {
--- End diff --
The reason I had `asUser != null`, is because tokens done support user impersonation, but I got it wrong, and it should have been `asUser == null`. But this should be fine. If it becomes an issue we can add in support for asUser if needed
---