hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jitendra Nath Pandey (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HDFS-993) Namenode should issue a delegation token only for kerberos authenticated clients.
Date Wed, 14 Apr 2010 19:42:49 GMT

    [ https://issues.apache.org/jira/browse/HDFS-993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12857048#action_12857048

Jitendra Nath Pandey commented on HDFS-993:

> Do we need this limitation enforcement for cancelation of the Tokens? 
This check is unnecessary for cancellation because a user canceling its token doesn't lead
to a security flaw. A user cannot cancel other user's tokens unless it is a designated renewer,
therefore it will not cause a denial of service kind of scenario. 

New patch is uploaded addressing comments 1 & 2.

> Namenode should issue a delegation token only for kerberos authenticated clients.
> ---------------------------------------------------------------------------------
>                 Key: HDFS-993
>                 URL: https://issues.apache.org/jira/browse/HDFS-993
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>            Reporter: Jitendra Nath Pandey
>            Assignee: Jitendra Nath Pandey
>         Attachments: HDFS-993.1.patch, HDFS-993.3.patch, HDFS-993.4.patch, HDFS-993.5.patch,
HDFS-993.6.patch, HDFS-993.7.patch, HDFS-993.8.patch, HDFS-993.9.patch
>  This jira is intended to add security check in hdfs to allow issue and renewal of delegation
tokens only for kerberos authenticated clients.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: https://issues.apache.org/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message