[
https://issues.apache.org/jira/browse/HADOOP-10670?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14036970#comment-14036970
]
Zhijie Shen commented on HADOOP-10670:
--------------------------------------
bq. But I'm not very sure about this
Neither do I. [~tucu00], would you mind commenting on this?
bq. What do you mean by 'affect'? Good or bad?
Basically I duplicate TimelineAuthenticationFilterInitializer with
AuthenticationFilterInitializer, and make minor touch to change the prefix and
accept empty secret. By moving the logic of loading the secret file into
AuthenticationFilter, you may also want to remove the analog part in
TimelineAuthenticationFilterInitializer as well.
BTW, can we close HADOOP-10600 as duplicate of this jira?
> Allow AuthenticationFilter to respect signature secret file even without
> AuthenticationFilterInitializer
> --------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-10670
> URL: https://issues.apache.org/jira/browse/HADOOP-10670
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Kai Zheng
> Assignee: Kai Zheng
> Priority: Minor
> Attachments: hadoop-10670-v2.patch, hadoop-10670.patch
>
>
> In Hadoop web console, by using AuthenticationFilterInitializer, it's allowed
> to configure AuthenticationFilter for the required signature secret by
> specifying signature.secret.file property. This improvement would also allow
> this when AuthenticationFilterInitializer isn't used in situations like
> webhdfs.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
