Home | About | Sematext search-lucene.com search-hadoop.com
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB
 Search Hadoop and all its subprojects:

Switch to Plain View
Hadoop >> mail # dev >> regarding _HOST token replacement in security hadoop


+
Wangwenli 2012-07-27, 01:11
Copy link to this message
-
Re: regarding _HOST token replacement in security hadoop
what version of hadoop are you using?

also

dfs.web.authentication.kerberos.principal should be set to HTTP/[EMAIL PROTECTED]

--
Arpit Gupta
Hortonworks Inc.
http://hortonworks.com/

On Jul 26, 2012, at 6:11 PM, Wangwenli <[EMAIL PROTECTED]> wrote:

> Hi all,
>
>   I configured like below in hdfs-site.xml:
>
> <property>
>  <name>dfs.namenode.kerberos.principal</name>
>  <value>nn/_HOST@site</value>
> </property>
>
>
> <property>
>    <name>dfs.web.authentication.kerberos.principal</name>
>    <value>nn/_HOST@site</value>
> </property>
>
>
>   When  start up namenode, I found, namenode will use principal : nn/167-52-0-56@site to login, but the http server will use nn/167-52-0-56.site@site<mailto:nn/167-52-0-56.site@site> to lgin,  so it start failed.
>
> I checked the code,
>
> Namenode will use socAddr.getHostName() to get hostname in org.apache.hadoop.hdfs.server.namenode.NameNode.loginAsNameNodeUser.
>
>
> But httpserver 's default hostname is 0.0.0.0, so in org.apache.hadoop.security.SecurityUtil.replacePattern, it will get the hostname by invoking getLocalHostName,there it use getCanonicalHostName(),
>
> I think this inconsistent is wrong,  can someone confirm this? Need raise one bug ?
>
> Thanks
>

+
Wangwenli 2012-07-27, 01:54
+
Arpit Gupta 2012-07-27, 02:02
+
Wangwenli 2012-07-27, 02:32
+
Arpit Gupta 2012-07-27, 20:57
+
Aaron T. Myers 2012-07-30, 16:28
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB