hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jing Zhao (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDFS-4564) Webhdfs returns incorrect http response codes for denied operations
Date Fri, 28 Mar 2014 21:03:15 GMT

    [ https://issues.apache.org/jira/browse/HDFS-4564?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13951379#comment-13951379
] 

Jing Zhao commented on HDFS-4564:
---------------------------------

bq.  I'm scrambling to get production hardening of webhdfs (more jiras to follow) before the
summit so can I move it in a later jira?
Sure. I'm fine with it.

bq. Checking the TGT is necessary for explicitly getting, renewing, or canceling a token.
The current code also covers this for explicitly getting, renewing, or canceling a token.
Your patch changes this part and pass false to the url factory so it bypasses the use of authenticated
url (per your comments in HADOOP-10301). Could you give more details how it works without
using the authenticated url?

> Webhdfs returns incorrect http response codes for denied operations
> -------------------------------------------------------------------
>
>                 Key: HDFS-4564
>                 URL: https://issues.apache.org/jira/browse/HDFS-4564
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: webhdfs
>    Affects Versions: 0.23.0, 2.0.0-alpha, 3.0.0
>            Reporter: Daryn Sharp
>            Assignee: Daryn Sharp
>            Priority: Blocker
>         Attachments: HDFS-4564.branch-23.patch, HDFS-4564.branch-23.patch, HDFS-4564.branch-23.patch,
HDFS-4564.patch, HDFS-4564.patch
>
>
> Webhdfs is returning 401 (Unauthorized) instead of 403 (Forbidden) when it's denying
operations.  Examples including rejecting invalid proxy user attempts and renew/cancel with
an invalid user.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message