Bob Hansen created HDFS-10451:
---------------------------------
Summary: libhdfs++: Look up kerberos principal by username
Key: HDFS-10451
URL: https://issues.apache.org/jira/browse/HDFS-10451
Project: Hadoop HDFS
Issue Type: Sub-task
Reporter: Bob Hansen
SaslProtocol::Negotiate passes the user name directly to the sasl_engine for
authentication; the SASL engines require that.
HDFS maps princpals to usernames by stripping off the realm and hostname. We
should query the ccache for all available tickets, and find the one that best
matches the passed-in username using the HDFS semantics. e.g. if the username
is client1, and we have a ticket for client1/machine1.foo....@foo.com, we
should use that ticket.
If multiple tickets match, the one that most exactly matches the username
(host, realm) should be used.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-h...@hadoop.apache.org
