[
https://issues.apache.org/jira/browse/HADOOP-8830?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13779524#comment-13779524
]
Hadoop QA commented on HADOOP-8830:
-----------------------------------
{color:red}-1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12605364/HADOOP-8830.20131026.1.patch
against trunk revision .
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:red}-1 tests included{color}. The patch doesn't appear to include
any new or modified tests.
Please justify why no new tests are needed for this
patch.
Also please list what manual steps were performed to
verify this patch.
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 javadoc{color}. The javadoc tool did not generate any
warning messages.
{color:green}+1 eclipse:eclipse{color}. The patch built with
eclipse:eclipse.
{color:green}+1 findbugs{color}. The patch does not introduce any new
Findbugs (version 1.3.9) warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:green}+1 core tests{color}. The patch passed unit tests in
hadoop-common-project/hadoop-auth.
{color:green}+1 contrib tests{color}. The patch passed contrib unit tests.
Test results:
https://builds.apache.org/job/PreCommit-HADOOP-Build/3132//testReport/
Console output:
https://builds.apache.org/job/PreCommit-HADOOP-Build/3132//console
This message is automatically generated.
> org.apache.hadoop.security.authentication.server.AuthenticationFilter might
> be called twice, causing kerberos replay errors
> ---------------------------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-8830
> URL: https://issues.apache.org/jira/browse/HADOOP-8830
> Project: Hadoop Common
> Issue Type: Bug
> Affects Versions: 2.0.1-alpha, 2.1.0-beta, 2.1.1-beta, 2.1.2-beta
> Reporter: Moritz Moeller
> Assignee: Omkar Vinit Joshi
> Priority: Critical
> Attachments: HADOOP-8830.20131026.1.patch
>
>
> AuthenticationFilter.doFilter is called twice (not sure if that is
> intentional or not).
> The second time it is called the ServletRequest is already authenticated,
> i.e. httpRequest.getRemoteUser() returns non-null info.
> If the kerberos authentication is triggered a second time it'll return a
> replay attack exception.
> I solved this by adding a if (httpRequest.getRemoteUser() == null) at the
> very beginning of doFilter.
> Alternatively one can set an attribute on the request, or figure out why
> doFilter is called twice.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
