[ https://issues.apache.org/jira/browse/HADOOP-10301?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13949844#comment-13949844 ]
Tsz Wo Nicholas Sze commented on HADOOP-10301: ---------------------------------------------- For client-side NPEs, do you mean HADOOP-9363? Then, do we also need HADOOP-9363? There is no patch in HADOOP-9363. > AuthenticationFilter should return Forbidden for failed authentication > ---------------------------------------------------------------------- > > Key: HADOOP-10301 > URL: https://issues.apache.org/jira/browse/HADOOP-10301 > Project: Hadoop Common > Issue Type: Bug > Components: security > Affects Versions: 0.23.0, 2.0.0-alpha, 3.0.0 > Reporter: Daryn Sharp > Assignee: Daryn Sharp > Priority: Blocker > Attachments: HADOOP-10301.branch-23.patch, > HADOOP-10301.branch-23.patch, HADOOP-10301.patch, HADOOP-10301.patch, > HADOOP-10301.patch > > > The hadoop-auth AuthenticationFilter returns a 401 Unauthorized without a > WWW-Authenticate headers. The is illegal per the HTTP RPC and causes a NPE > in the HttpUrlConnection. > This is half of a fix that affects webhdfs. See HDFS-4564. -- This message was sent by Atlassian JIRA (v6.2#6252)