You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@sentry.apache.org by "Gregory Chanan (JIRA)" <ji...@apache.org> on 2016/01/29 02:32:39 UTC

[jira] [Updated] (SENTRY-1037) Handle solr shell configuration in the same manner as sentry-binding

     [ https://issues.apache.org/jira/browse/SENTRY-1037?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Gregory Chanan updated SENTRY-1037:
-----------------------------------
    Attachment: SENTRY-1037.patch

> Handle solr shell configuration in the same manner as sentry-binding
> --------------------------------------------------------------------
>
>                 Key: SENTRY-1037
>                 URL: https://issues.apache.org/jira/browse/SENTRY-1037
>             Project: Sentry
>          Issue Type: Bug
>          Components: Service, Solr Plugin
>    Affects Versions: 1.7.0
>            Reporter: Gregory Chanan
>            Assignee: Gregory Chanan
>             Fix For: 1.7.0
>
>         Attachments: SENTRY-1037.patch
>
>
> Today, the SentryShellSolr follows the same pattern as SentryShellHive, which is just getting a "new Configuration()".  In order to connect to a service requiring kerberos, the Configuration must have "hadoop.security.authentication" set to "kerberos" since the generic client uses hadoop-auth to do the authentication.  But this will often not be set in the context of Solr, which may not even have a hadoop-related configuration around.
> So, we should handle the configuration in the same way as we do for the binding; namely, if the client intends to use kerberos, we set "hadoop.security.authentication" to "kerberos"



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)