You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by "Gregory Chanan (JIRA)" <ji...@apache.org> on 2016/01/29 02:32:39 UTC
[jira] [Updated] (SENTRY-1037) Handle solr shell configuration in
the same manner as sentry-binding
[ https://issues.apache.org/jira/browse/SENTRY-1037?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gregory Chanan updated SENTRY-1037:
-----------------------------------
Attachment: SENTRY-1037.patch
> Handle solr shell configuration in the same manner as sentry-binding
> --------------------------------------------------------------------
>
> Key: SENTRY-1037
> URL: https://issues.apache.org/jira/browse/SENTRY-1037
> Project: Sentry
> Issue Type: Bug
> Components: Service, Solr Plugin
> Affects Versions: 1.7.0
> Reporter: Gregory Chanan
> Assignee: Gregory Chanan
> Fix For: 1.7.0
>
> Attachments: SENTRY-1037.patch
>
>
> Today, the SentryShellSolr follows the same pattern as SentryShellHive, which is just getting a "new Configuration()". In order to connect to a service requiring kerberos, the Configuration must have "hadoop.security.authentication" set to "kerberos" since the generic client uses hadoop-auth to do the authentication. But this will often not be set in the context of Solr, which may not even have a hadoop-related configuration around.
> So, we should handle the configuration in the same way as we do for the binding; namely, if the client intends to use kerberos, we set "hadoop.security.authentication" to "kerberos"
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)