You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-dev@hadoop.apache.org by "Guillaume Nodet (JIRA)" <ji...@apache.org> on 2012/07/06 16:05:35 UTC

[jira] [Created] (HADOOP-8572) Have the ability to force the use of the login user

Guillaume Nodet created HADOOP-8572:
---------------------------------------

             Summary: Have the ability to force the use of the login user 
                 Key: HADOOP-8572
                 URL: https://issues.apache.org/jira/browse/HADOOP-8572
             Project: Hadoop Common
          Issue Type: Improvement
            Reporter: Guillaume Nodet


In Karaf, most of the code is run under the "karaf" user. When a user ssh into Karaf, commands will be executed under that user.
Deploying hadoop inside Karaf requires that the authenticated Subject has the required hadoop principals set, which forces the reconfiguration of the whole security layer, even at dev time.

My patch proposes the introduction of a new configuration property {{hadoop.security.force.login.user}} which if set to true (it would default to false to keep the current behavior), would force the use of the login user instead of using the authenticated subject (which is what happen when there's no authenticated subject at all).  This greatly simplifies the use of hadoop in such environments where security isn't really needed (at dev time).

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira