[ https://issues.apache.org/jira/browse/HADOOP-9054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13507599#comment-13507599 ]
Alejandro Abdelnur commented on HADOOP-9054: -------------------------------------------- +1. On Allen's comment "the user is going to get bounced around a lot. As a result, this means they might need to re-authenticate on every host if one isn't careful about the implementation." Hadoop-Auth already has provisions for this by allowing you to define a cookie domain. Once you have a hadoop-auth cookie, the authentication-handler code does not kicks in until the cookie expires. > Add AuthenticationHandler that uses Kerberos but allows for an alternate form > of authentication for browsers > ------------------------------------------------------------------------------------------------------------ > > Key: HADOOP-9054 > URL: https://issues.apache.org/jira/browse/HADOOP-9054 > Project: Hadoop Common > Issue Type: New Feature > Components: security > Reporter: Robert Kanter > Assignee: Robert Kanter > Fix For: 2.0.3-alpha > > Attachments: HADOOP-9054.patch, HADOOP-9054.patch > > > It would be useful for some Oozie users if, when using Kerberos, that browser > access to the oozie web UI could be authenticated in a different way (w/o > Kerberos). This may be useful for other projects using Hadoop-Auth, so this > feature is to add a new AuthenticationHandler that uses Kerberos by default, > unless a browser (user-agents are configurable) is used, in which case some > other form of authentication can be used. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira