Return-Path: 
 <hdfs-dev-return-9366-apmail-hadoop-hdfs-dev-archive=hadoop.apache.org@hadoop.apache.org>
X-Original-To: apmail-hadoop-hdfs-dev-archive@minotaur.apache.org
Delivered-To: apmail-hadoop-hdfs-dev-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 34AFCD5BF
	for <apmail-hadoop-hdfs-dev-archive@minotaur.apache.org>;
 Mon, 11 Mar 2013 20:25:17 +0000 (UTC)
Received: (qmail 8315 invoked by uid 500); 11 Mar 2013 20:25:14 -0000
Delivered-To: apmail-hadoop-hdfs-dev-archive@hadoop.apache.org
Received: (qmail 8230 invoked by uid 500); 11 Mar 2013 20:25:13 -0000
Mailing-List: contact hdfs-dev-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:hdfs-dev-help@hadoop.apache.org>
List-Unsubscribe: <mailto:hdfs-dev-unsubscribe@hadoop.apache.org>
List-Post: <mailto:hdfs-dev@hadoop.apache.org>
List-Id: <hdfs-dev.hadoop.apache.org>
Reply-To: hdfs-dev@hadoop.apache.org
Delivered-To: mailing list hdfs-dev@hadoop.apache.org
Received: (qmail 8186 invoked by uid 99); 11 Mar 2013 20:25:13 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 11 Mar 2013 20:25:13 +0000
Date: Mon, 11 Mar 2013 20:25:13 +0000 (UTC)
From: "Daryn Sharp (JIRA)" <jira@apache.org>
To: hdfs-dev@hadoop.apache.org
Message-ID: <JIRA.12636441.1363033493192.420596.1363033513807@arcas>
In-Reply-To: <JIRA.12636441.1363033493192@arcas>
References: <JIRA.12636441.1363033493192@arcas>
Subject: [jira] [Created] (HDFS-4585) Webhdfs sometimes can't negotiate a
 SPNEGO token
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394

Daryn Sharp created HDFS-4585:
---------------------------------

             Summary: Webhdfs sometimes can't negotiate a SPNEGO token
                 Key: HDFS-4585
                 URL: https://issues.apache.org/jira/browse/HDFS-4585
             Project: Hadoop HDFS
          Issue Type: Sub-task
          Components: webhdfs
    Affects Versions: 2.0.0-alpha, 3.0.0, 0.23.7
            Reporter: Daryn Sharp


I'm not sure if this is a curl problem or webhdfs problem, but webhdfs will reject some users because the Authorization header is too big.  In the case below, the header contains 4041 bytes, whereas a keytab user is generating 1745 bytes.  The failed user can use webhdfs via "hadoop fs", but not via curl.

{noformat}
curl -v --negotiate -u : 'http://host/webhdfs/v1/?op=GETDELEGATIONTOKEN'
> GET /webhdfs/v1/?op=GETDELEGATIONTOKEN HTTP/1.1
> Authorization: Negotiate <<4041 bytes>>
> User-Agent: curl/7.19.5
> Host: host
> Accept: */*
> 
< HTTP/1.1 413 FULL head
< Connection: close
< Server: Jetty(6.1.26)
{noformat}



--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira