hadoop-yarn-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gergely Novák (JIRA) <j...@apache.org>
Subject [jira] [Commented] (YARN-8277) [UI2] Changing the user name for service in the new UI does not update the hadoop.auth cookie
Date Wed, 16 May 2018 11:58:00 GMT

    [ https://issues.apache.org/jira/browse/YARN-8277?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16477302#comment-16477302
] 

Gergely Novák commented on YARN-8277:
-------------------------------------

Additional info: the hadoop.auth cookie is HttpOnly, so I can't simply delete it from client
side..

> [UI2] Changing the user name for service in the new UI does not update the hadoop.auth
cookie
> ---------------------------------------------------------------------------------------------
>
>                 Key: YARN-8277
>                 URL: https://issues.apache.org/jira/browse/YARN-8277
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: yarn-ui-v2
>            Reporter: Gergely Novák
>            Priority: Major
>
> Steps to reproduce:
> 1) Click on "New Service" on the new YARN UI.
> 2) Provide an invalid, not existing user (e.g. "invalid").
> 3) Provide a service definition (e.g. sleeper) via the form or json.
> 4) Press deploy.
> 5) Response: Error: Adapter operation failed. With developer tools you can check that
{{/app/v1/services/?user.name=invalid}} gave a 403 status code with this diagnostic message:
> {code}
> "Permission denied: user=invalid, access=EXECUTE, ...
> {code}
> 6) Fix the user name, provide an existing user.
> 7) Press deploy.
> Expected behaviour: the user should successfully deploy the service.
> Current behaviour: The error response is the same.
> Root cause: The query parameter of the new request is correct ({{?user.name=existing_user}}),
however the hadoop.auth cookie is the old one: {{"u=invalid&p=invalid&t=simple-dt&e=1526073119565...}}.
Thus the request will fail with the same "Permission denied" error. 
> The only workaround for the user to fix this is to clear the hadoop.auth cookie from
the browser. 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org


Mime
View raw message