[
https://issues.apache.org/jira/browse/HADOOP-9054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13507599#comment-13507599
]
Alejandro Abdelnur commented on HADOOP-9054:
--------------------------------------------
+1.
On Allen's comment "the user is going to get bounced around a lot. As a result,
this means they might need to re-authenticate on every host if one isn't
careful about the implementation."
Hadoop-Auth already has provisions for this by allowing you to define a cookie
domain. Once you have a hadoop-auth cookie, the authentication-handler code
does not kicks in until the cookie expires.
> Add AuthenticationHandler that uses Kerberos but allows for an alternate form
> of authentication for browsers
> ------------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-9054
> URL: https://issues.apache.org/jira/browse/HADOOP-9054
> Project: Hadoop Common
> Issue Type: New Feature
> Components: security
> Reporter: Robert Kanter
> Assignee: Robert Kanter
> Fix For: 2.0.3-alpha
>
> Attachments: HADOOP-9054.patch, HADOOP-9054.patch
>
>
> It would be useful for some Oozie users if, when using Kerberos, that browser
> access to the oozie web UI could be authenticated in a different way (w/o
> Kerberos). This may be useful for other projects using Hadoop-Auth, so this
> feature is to add a new AuthenticationHandler that uses Kerberos by default,
> unless a browser (user-agents are configurable) is used, in which case some
> other form of authentication can be used.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
