Uploaded image for project: 'CDAP'
  1. CDAP
  2. CDAP-8407

Impersonated namespace creation should not get keytab from the keytab dir but use the one being passed

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 4.1.0
    • Fix Version/s: 4.1.0
    • Component/s: Namespaces, Security
    • Labels:
      None
    • Rank:
      1|hzzudj:

      Description

      In 4.1 we introduced a configuration in cdap which is set to keytab directory path and to impersonate a user we look his keytab in the dir. This is done to support app level impersonation.

      Although namespace impersonation from previous releases take a principal and keytab uri and should use the specified keytab uri (provided during create operation) rather than looking for the keytab file in the specified directory from the principal name

        Attachments

          Activity

            People

            • Assignee:
              andreas Andreas Neumann
              Reporter:
              rsinha Rohit Sinha
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: