[ https://issues.apache.org/jira/browse/HADOOP-12050?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Benoy Antony reassigned HADOOP-12050: ------------------------------------- Assignee: hzlu (was: Benoy Antony) > Enable MaxInactiveInterval for hadoop http auth token > ----------------------------------------------------- > > Key: HADOOP-12050 > URL: https://issues.apache.org/jira/browse/HADOOP-12050 > Project: Hadoop Common > Issue Type: Improvement > Components: security > Reporter: Benoy Antony > Assignee: hzlu > > During http authentication, a cookie which contains the authentication token > is dropped. The expiry time of the authentication token can be configured via > hadoop.http.authentication.token.validity. The default value is 10 hours. > For clusters which require enhanced security, it is desirable to have a > configurable MaxInActiveInterval for the authentication token. If there is no > activity during MaxInActiveInterval, the authentication token will be > invalidated. > The MaxInActiveInterval will be less than > hadoop.http.authentication.token.validity. The default value will be 30 > minutes. -- This message was sent by Atlassian JIRA (v6.3.4#6332)