You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Arun Suresh (JIRA)" <ji...@apache.org> on 2014/10/08 18:02:33 UTC
[jira] [Created] (HADOOP-11176) KMSClientProvider authentication
fails when when both currentUgi and loginUgi is a proxied user
Arun Suresh created HADOOP-11176:
------------------------------------
Summary: KMSClientProvider authentication fails when when both currentUgi and loginUgi is a proxied user
Key: HADOOP-11176
URL: https://issues.apache.org/jira/browse/HADOOP-11176
Project: Hadoop Common
Issue Type: Bug
Reporter: Arun Suresh
In a secure environment, with kerberos, when the KMSClientProvider instance is created in the context of a proxied user, The initial SPNEGO handshake is made with the currentUser (the proxied user) as the Principal.. this will fail, since the proxied user is not logged in.
The handshake must be done using the real user.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)