Merged r1179919 from branch-0.20-security for HDFS-2411.
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/branch-0.20-security-205@1179921 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/CHANGES.txt b/CHANGES.txt
index 3f13515..8965162 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -283,6 +283,9 @@
HADOOP-7724. Fixed hadoop-setup-conf.sh to put proxy user in
core-site.xml. (Arpit Gupta via Eric Yang)
+ HDFS-2411. With webhdfs enabled in secure mode the auth to local mappings
+ are not being respected. (jitendra)
+
IMPROVEMENTS
MAPREDUCE-2928. MR-2413 improvements (Eli Collins via mattf)
diff --git a/src/core/org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.java b/src/core/org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.java
index 5e43d27..a5310b1 100644
--- a/src/core/org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.java
+++ b/src/core/org/apache/hadoop/security/authentication/server/KerberosAuthenticationHandler.java
@@ -151,9 +151,6 @@
throw new ServletException("Keytab does not exist: " + keytab);
}
- String nameRules = config.getProperty(NAME_RULES, "DEFAULT");
- KerberosName.setRules(nameRules);
-
Set<Principal> principals = new HashSet<Principal>();
principals.add(new KerberosPrincipal(principal));
Subject subject = new Subject(false, principals, new HashSet<Object>(), new HashSet<Object>());
diff --git a/src/hdfs/org/apache/hadoop/hdfs/server/namenode/NameNode.java b/src/hdfs/org/apache/hadoop/hdfs/server/namenode/NameNode.java
index 26d955e..8fbcdb0 100644
--- a/src/hdfs/org/apache/hadoop/hdfs/server/namenode/NameNode.java
+++ b/src/hdfs/org/apache/hadoop/hdfs/server/namenode/NameNode.java
@@ -396,8 +396,6 @@
DFSConfigKeys.DFS_WEB_AUTHENTICATION_KERBEROS_KEYTAB_KEY,
httpKeytab);
}
- params.put("kerberos.name.rules",
- conf.get("hadoop.security.auth_to_local", "DEFAULT"));
return params;
}
};