You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Todd Lipcon (JIRA)" <ji...@apache.org> on 2011/01/06 19:35:47 UTC

[jira] Updated: (HADOOP-7070) JAAS configuration should delegate unknown application names to pre-existing configuration

     [ https://issues.apache.org/jira/browse/HADOOP-7070?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Todd Lipcon updated HADOOP-7070:
--------------------------------

       Resolution: Fixed
    Fix Version/s: 0.22.0
     Hadoop Flags: [Reviewed]
           Status: Resolved  (was: Patch Available)

Committed to trunk and 0.22

> JAAS configuration should delegate unknown application names to pre-existing configuration
> ------------------------------------------------------------------------------------------
>
>                 Key: HADOOP-7070
>                 URL: https://issues.apache.org/jira/browse/HADOOP-7070
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 0.22.0, 0.23.0
>            Reporter: Todd Lipcon
>            Assignee: Todd Lipcon
>            Priority: Critical
>             Fix For: 0.22.0
>
>         Attachments: hadoop-7070.2.txt, hadoop-7070.txt, hadoop-7070.txt
>
>
> As reported here: https://issues.cloudera.org/browse/DISTRO-66 it is impossible to use secured Hadoop inside an application that relies on other JAAS configurations. This is because the static initializer of UserGroupInformation replaces the JAAS configuration, but we don't delegate unknown applications up to whatever Configuration was installed previously. The delegation technique seems to be used by JBoss's XMLLoginConfigImpl for example.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.