hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tsz Wo Nicholas Sze (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-10416) If there is an expired token, PseudoAuthenticationHandler should renew it
Date Mon, 24 Mar 2014 21:06:44 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-10416?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13945691#comment-13945691
] 

Tsz Wo Nicholas Sze commented on HADOOP-10416:
----------------------------------------------

> With the patch, no matter anonymous is enabled or not, user will be authenticated by
the (expired) token.

This is the similar to "no matter anonymous is enabled or not, user will be authenticated
by the value of user.name parameter, if it presents in the request."

I should mention the following case:
-  If client does not provide a token in the request, the patch does no change.

> If there is an expired token, PseudoAuthenticationHandler should renew it
> -------------------------------------------------------------------------
>
>                 Key: HADOOP-10416
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10416
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>            Reporter: Tsz Wo Nicholas Sze
>            Assignee: Tsz Wo Nicholas Sze
>            Priority: Minor
>         Attachments: c10416_20140321.patch, c10416_20140322.patch
>
>
> PseudoAuthenticationHandler currently only gets username from the "user.name" parameter.
 It should also renew expired auth token if it is available in the cookies.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message