You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Tsz Wo (Nicholas), SZE (JIRA)" <ji...@apache.org> on 2013/08/23 07:11:52 UTC
[jira] [Commented] (HADOOP-8855) SSL-based image transfer does not
work when Kerberos is disabled
[ https://issues.apache.org/jira/browse/HADOOP-8855?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13748292#comment-13748292 ]
Tsz Wo (Nicholas), SZE commented on HADOOP-8855:
------------------------------------------------
> Think you mean to remove this debug statement ...
Hi Eli/Todd, in branch-2, [KerberosAuthenticator|http://svn.apache.org/viewvc/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/client/KerberosAuthenticator.java?annotate=1513688] somehow still has the debug statement. Could you fix it? Thank you in advance.
> SSL-based image transfer does not work when Kerberos is disabled
> ----------------------------------------------------------------
>
> Key: HADOOP-8855
> URL: https://issues.apache.org/jira/browse/HADOOP-8855
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 3.0.0, 2.0.2-alpha
> Reporter: Todd Lipcon
> Assignee: Todd Lipcon
> Priority: Minor
> Fix For: 2.0.3-alpha
>
> Attachments: hadoop-8855.txt, hadoop-8855.txt, hadoop-8855.txt
>
>
> In SecurityUtil.openSecureHttpConnection, we first check {{UserGroupInformation.isSecurityEnabled()}}. However, this only checks the kerberos config, which is independent of {{hadoop.ssl.enabled}}. Instead, we should check {{HttpConfig.isSecure()}}.
> Credit to Wing Yew Poon for discovering this bug
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira