hadoop-mapreduce-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jonathan Eagles (Updated) (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (MAPREDUCE-3878) Null user on filtered jobhistory job page
Date Fri, 17 Feb 2012 22:50:57 GMT

     [ https://issues.apache.org/jira/browse/MAPREDUCE-3878?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jonathan Eagles updated MAPREDUCE-3878:
---------------------------------------

    Description: If jobhistory/job.* is filtered to bypass acl, resulting page will always
show Null user. This differs from 0.20 where filtering on this page, bypasses security to
allow all access to the page. essentially passes a null user to AppController where an exception
is thrown. If a null user is detected, we should acl checking is disabled on this page.  (was:
If jobhistory/job.* is included in the byauth.bypass.paths. URL will always show Null user.
This differs from 0.20 where this setting disables security on this page. Bypassing the filter
essentially passes a null user to AppController where an exception is thrown. If a null user
is detected, we should assume security is disabled on this page.)
        Summary: Null user on filtered jobhistory job page  (was: byauth bypass paths doesn't
work on jobhistory job page)
    
> Null user on filtered jobhistory job page
> -----------------------------------------
>
>                 Key: MAPREDUCE-3878
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-3878
>             Project: Hadoop Map/Reduce
>          Issue Type: Bug
>          Components: mrv2
>    Affects Versions: 0.23.1
>            Reporter: Jonathan Eagles
>            Assignee: Jonathan Eagles
>            Priority: Critical
>         Attachments: MAPREDUCE-3878.patch
>
>
> If jobhistory/job.* is filtered to bypass acl, resulting page will always show Null user.
This differs from 0.20 where filtering on this page, bypasses security to allow all access
to the page. essentially passes a null user to AppController where an exception is thrown.
If a null user is detected, we should acl checking is disabled on this page.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message