[ https://issues.apache.org/jira/browse/HADOOP-10670?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14378850#comment-14378850 ]

Robert Kanter commented on HADOOP-10670:
----------------------------------------

It's not really a side effect of HADOOP-10868; it's a side effect of the original implementation, which simply loaded the secret from a config property, or used a random one if not set. HADOOP-10791 added support for pluggable providers (to allow HADOOP-1868 to work), and included {{StringSignerSecretProvider}} to be backwards compatible with that setting.

While I agree that {{FileSignerSecretProvider}} is more secure, I'm not sure we can simply remove {{StringSignerSecretProvider}} without breaking compatibility. What if we instead deprecate it, log a warning about it not being recommended, and add a note to the docs?

> Allow AuthenticationFilter to respect signature secret file even without AuthenticationFilterInitializer
> --------------------------------------------------------------------------------------------------------
>
>                 Key: HADOOP-10670
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10670
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>            Reporter: Kai Zheng
>            Assignee: Kai Zheng
>            Priority: Minor
>         Attachments: HADOOP-10670-v4.patch, HADOOP-10670-v5.patch, hadoop-10670-v2.patch, hadoop-10670-v3.patch, hadoop-10670.patch
>
>
> In Hadoop web console, by using AuthenticationFilterInitializer, it's allowed
> to configure AuthenticationFilter for the required signature secret by
> specifying signature.secret.file property. This improvement would also allow
> this when AuthenticationFilterInitializer isn't used in situations like
> webhdfs.

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)