hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Abdelnur (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-8314) HttpServer#hasAdminAccess should return false if authorization is enabled but user is not authenticated
Date Wed, 25 Apr 2012 16:04:21 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-8314?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Alejandro Abdelnur updated HADOOP-8314:
---------------------------------------

    Attachment: HADOOP-8314_branch-1.patch

patch for branch-1
                
> HttpServer#hasAdminAccess should return false if authorization is enabled but user is
not authenticated
> -------------------------------------------------------------------------------------------------------
>
>                 Key: HADOOP-8314
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8314
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 1.1.0, 2.0.0, 3.0.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Alejandro Abdelnur
>             Fix For: 2.0.0
>
>         Attachments: HADOOP-8314.patch, HADOOP-8314.patch, HADOOP-8314_branch-1.patch
>
>
> If the user is not authenticated (request.getRemoteUser() returns NULL) or there is not
authentication filter configured (thus returning also NULL), hasAdminAccess should return
false. Note that a filter could allow anonymous access, thus the first case.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message