hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Abdelnur (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-8043) KerberosAuthenticationFilter and friends have some problems
Date Thu, 09 Feb 2012 21:34:57 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-8043?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13204898#comment-13204898
] 

Alejandro Abdelnur commented on HADOOP-8043:
--------------------------------------------

Regarding #2, i'm a bit confused here, this is already done by in the AuthenticationFilterInitializer,
and this is branch-1 already. The code in the filter is generic to integrate in other systems.
Also in your patch you are moving the logincontext initialization from the init() to the authenticate()
method. This would trigger logincontext initialization every single request, it does not seem
correct.


                
> KerberosAuthenticationFilter and friends have some problems
> -----------------------------------------------------------
>
>                 Key: HADOOP-8043
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8043
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 1.0.0
>            Reporter: Allen Wittenauer
>            Priority: Critical
>         Attachments: HADOOP-8043-branch-1.0.txt
>
>
> KerberosAuthenticationFilter and friends have three killer usability issues and bugs:
> 1. Documentation is misleading/wrong.
> 2. Shared secret stored in a world readable file.
> 3. Lacks support for _HOST macro

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message