[
https://issues.apache.org/jira/browse/HADOOP-10670?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14036901#comment-14036901
]
Zhijie Shen commented on HADOOP-10670:
--------------------------------------
1. One question: Is configPrefix still necessary here? Other properties seem
not to require this prefix.
{code}
+ String signatureSecretFile = config.getProperty(configPrefix +
SIGNATURE_SECRET_FILE);
{code}
{code}
+ signatureSecret = config.getProperty(configPrefix + SIGNATURE_SECRET);
{code}
And when we get the config, we already filter properties by the prefix, don't
we?
{code}
configPrefix = (configPrefix != null) ? configPrefix + "." : "";
Properties config = getConfiguration(configPrefix, filterConfig);
{code}
2. Close it in the finally block? And use IOUtils?
{code}
+ reader.close();
{code}
3. This patch may affect TimelineAuthenticationFilterInitializer as well.
> Allow AuthenticationFilter to respect signature secret file even without
> AuthenticationFilterInitializer
> --------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-10670
> URL: https://issues.apache.org/jira/browse/HADOOP-10670
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Kai Zheng
> Assignee: Kai Zheng
> Priority: Minor
> Attachments: hadoop-10670-v2.patch, hadoop-10670.patch
>
>
> In Hadoop web console, by using AuthenticationFilterInitializer, it's allowed
> to configure AuthenticationFilter for the required signature secret by
> specifying signature.secret.file property. This improvement would also allow
> this when AuthenticationFilterInitializer isn't used in situations like
> webhdfs.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
