hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Abdelnur (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-11099) KMS return HTTP UNAUTHORIZED 401 on ACL failure
Date Wed, 17 Sep 2014 17:56:34 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-11099?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14137639#comment-14137639
] 

Alejandro Abdelnur commented on HADOOP-11099:
---------------------------------------------

[~hitliuyi], the {{KMSExceptionsProvider}} only kicks when {{KMS}} processing throws an exception.
{{KMS}} processing kicks in only if the HTTP request has been properly authenticated. The
only reason you could get an {{AuthenticatioException}} here is because the backend used by
KMS throws that exception. If that happens,KMS triggering a login request won't help, thus
the FORBIDDEN.

> KMS return HTTP UNAUTHORIZED 401 on ACL failure
> -----------------------------------------------
>
>                 Key: HADOOP-11099
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11099
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 2.6.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Alejandro Abdelnur
>         Attachments: HADOOP-11099.patch
>
>
> The usual error, HTTP UNAUTHORIZED means is for authentication, not for authorization.
> KMS should return HTTP FORBIDDEN in case of ACL failure.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message