[
https://issues.apache.org/jira/browse/HADOOP-6951?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12915864#action_12915864
]
Aaron T. Myers commented on HADOOP-6951:
----------------------------------------
Hi Tom,
I've now run test-core and test-patch on both HDFS-1399 and MAPREDUCE-2067.
Would you mind taking another look at this?
Thanks a lot,
Aaron
> Distinct minicluster services (e.g. NN and JT) overwrite each other's service
> policies
> --------------------------------------------------------------------------------------
>
> Key: HADOOP-6951
> URL: https://issues.apache.org/jira/browse/HADOOP-6951
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Aaron T. Myers
> Assignee: Aaron T. Myers
> Fix For: 0.22.0
>
> Attachments: hadoop-6951.1.txt, hadoop-6951.2.txt, hadoop-6951.txt.0
>
>
> Because the protocol -> ACL mapping in ServiceAuthorizationManager is static,
> services which are run in the same JVM have the potential to clobber the
> other's service authorization ACLs whenever
> ServiceAuthorizationManager.refresh() is called. This causes authorization
> failures if one tries to launch a 2NN connected to a minicluster with
> hadoop.security.authorization enabled. Seems like each service should have
> its own instance of a ServiceAuthorizationManager, instead of using static
> methods.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
