[
https://issues.apache.org/jira/browse/HDFS-5796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14215524#comment-14215524
]
Haohui Mai commented on HDFS-5796:
----------------------------------
bq. It basically uses AltKerberosAuthenticationHandler to no do SPNEGO for
browser based requests..
For the basic secure cluster set up. The user opens the browser, and the
browsers authenticate the user to the NN through SPNEGO. How does this patch
change this use case?
> The file system browser in the namenode UI requires SPNEGO.
> -----------------------------------------------------------
>
> Key: HDFS-5796
> URL: https://issues.apache.org/jira/browse/HDFS-5796
> Project: Hadoop HDFS
> Issue Type: Bug
> Affects Versions: 2.3.0
> Reporter: Kihwal Lee
> Assignee: Arun Suresh
> Attachments: HDFS-5796.1.patch
>
>
> After HDFS-5382, the browser makes webhdfs REST calls directly, requiring
> SPNEGO to work between user's browser and namenode. This won't work if the
> cluster's security infrastructure is isolated from the regular network.
> Moreover, SPNEGO is not supposed to be required for user-facing web pages.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
