hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jitendra Nath Pandey (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HDFS-993) Namenode should issue a delegation token only for kerberos authenticated clients.
Date Wed, 14 Apr 2010 19:42:49 GMT

    [ https://issues.apache.org/jira/browse/HDFS-993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12857048#action_12857048
] 

Jitendra Nath Pandey commented on HDFS-993:
-------------------------------------------

> Do we need this limitation enforcement for cancelation of the Tokens? 
 
This check is unnecessary for cancellation because a user canceling its token doesn't lead
to a security flaw. A user cannot cancel other user's tokens unless it is a designated renewer,
therefore it will not cause a denial of service kind of scenario. 

New patch is uploaded addressing comments 1 & 2.

> Namenode should issue a delegation token only for kerberos authenticated clients.
> ---------------------------------------------------------------------------------
>
>                 Key: HDFS-993
>                 URL: https://issues.apache.org/jira/browse/HDFS-993
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>            Reporter: Jitendra Nath Pandey
>            Assignee: Jitendra Nath Pandey
>         Attachments: HDFS-993.1.patch, HDFS-993.3.patch, HDFS-993.4.patch, HDFS-993.5.patch,
HDFS-993.6.patch, HDFS-993.7.patch, HDFS-993.8.patch, HDFS-993.9.patch
>
>
>  This jira is intended to add security check in hdfs to allow issue and renewal of delegation
tokens only for kerberos authenticated clients.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message