Till Rohrmann created FLINK-5055:
------------------------------------
Summary: Security feature crashes JM for certain Hadoop versions
even though using no Kerberos
Key: FLINK-5055
URL: https://issues.apache.org/jira/browse/FLINK-5055
Project: Flink
Issue Type: Bug
Components: Security
Affects Versions: 1.2.0
Reporter: Till Rohrmann
Priority: Critical
Fix For: 1.2.0
A user reported [1] that the {{JobManager}} does not start when using Flink
with Hadoop-2.7.0-mapr-1607 and no security activated because of
{code}
javax.security.auth.login.LoginException: Unable to obtain Principal Name for
authentication
at
com.sun.security.auth.module.Krb5LoginModule.promptForName(Krb5LoginModule.java:841)
at
com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:704)
at
com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617)
{code}
It seems that this Hadoop version always tries to login via Kerberos even
though the user did not activate it and, thus, should use
{{AuthenticationMode.SIMPLE}}.
I'm not really familiar with the security feature, but my understanding is that
it should not have any effect on Flink when not activated. I might be wrong
here, but if not, then we should fix this problem for 1.2.0 because it prevents
people from using Flink.
[1]
http://apache-flink-mailing-list-archive.1008284.n3.nabble.com/Flink-using-Yarn-on-MapR-td14484.html
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
