hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Benoy Antony (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-12049) Control http authentication cookie persistence via configuration
Date Thu, 18 Jun 2015 03:32:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-12049?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14591178#comment-14591178
] 

Benoy Antony commented on HADOOP-12049:
---------------------------------------

We have some clusters where persistent cookies are allowed. In these clusters, users are not
required to enter credentials every time they open a new browser session. 
We also have clusters where persistent cookies are not allowed. 
So we need to have the ability to configure persistence of cookies.

> Control http authentication cookie persistence via configuration
> ----------------------------------------------------------------
>
>                 Key: HADOOP-12049
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12049
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 3.0.0
>            Reporter: Benoy Antony
>            Assignee: hzlu
>              Labels: patch
>             Fix For: 3.0.0
>
>         Attachments: HADOOP-12049.001.patch, HADOOP-12049.002.patch, HADOOP-12049.003.patch,
HADOOP-12049.patch
>
>
> During http authentication, a cookie is dropped. This is a persistent cookie. The cookie
is valid across browser sessions.
> For clusters which require enhanced security,  it is desirable to have a session cookie
so that cookie gets deleted when the user closes browser session.
> It should be possible to specify cookie persistence (session or persistent) via configuration




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message