[jira] [Created] (HDFS-7920) FIx WebHDFS AuthFilter to use DelegationTokenAuthenticationFilter

Arun Suresh (JIRA) Thu, 12 Mar 2015 08:49:59 -0700

Arun Suresh created HDFS-7920:
---------------------------------

             Summary: FIx WebHDFS AuthFilter to use 
DelegationTokenAuthenticationFilter
                 Key: HDFS-7920
                 URL: https://issues.apache.org/jira/browse/HDFS-7920
             Project: Hadoop HDFS
          Issue Type: Improvement
          Components: webhdfs
            Reporter: Arun Suresh
            Assignee: Arun Suresh



The {{AuthFilter}} currently overrides the {{AuthenticationFilter}} to bypass 
kerberos authentication if it finds a DelegationToken param in the request. It 
doesnt verify/validate the token. This is handled properly in the 
{{DelegationTokenAuthenticationFilter}} / 
{{KerberosDelegationTokenAuthenticationHandler}}.

This will also work in an HA setup if the DelegationTokenHandler is configured 
to use a distributed DelegationTokenSecretManager like 
{{ZKDelegationTokenSecretManager}} 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (HDFS-7920) FIx WebHDFS AuthFilter to use DelegationTokenAuthenticationFilter

Reply via email to