[ https://issues.apache.org/jira/browse/HDFS-993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12857048#action_12857048
]
Jitendra Nath Pandey commented on HDFS-993:
-------------------------------------------
> Do we need this limitation enforcement for cancelation of the Tokens?
This check is unnecessary for cancellation because a user canceling its token doesn't lead
to a security flaw. A user cannot cancel other user's tokens unless it is a designated renewer,
therefore it will not cause a denial of service kind of scenario.
New patch is uploaded addressing comments 1 & 2.
> Namenode should issue a delegation token only for kerberos authenticated clients.
> ---------------------------------------------------------------------------------
>
> Key: HDFS-993
> URL: https://issues.apache.org/jira/browse/HDFS-993
> Project: Hadoop HDFS
> Issue Type: New Feature
> Reporter: Jitendra Nath Pandey
> Assignee: Jitendra Nath Pandey
> Attachments: HDFS-993.1.patch, HDFS-993.3.patch, HDFS-993.4.patch, HDFS-993.5.patch,
HDFS-993.6.patch, HDFS-993.7.patch, HDFS-993.8.patch, HDFS-993.9.patch
>
>
> This jira is intended to add security check in hdfs to allow issue and renewal of delegation
tokens only for kerberos authenticated clients.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
|