[
https://issues.apache.org/jira/browse/HIVE-27764?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated HIVE-27764:
----------------------------------
Labels: pull-request-available (was: )
> Authentication does not work behind Knox gateway because the
> "WWW-Authenticate: Negotiate" response header is missing
> ---------------------------------------------------------------------------------------------------------------------
>
> Key: HIVE-27764
> URL: https://issues.apache.org/jira/browse/HIVE-27764
> Project: Hive
> Issue Type: Bug
> Components: HiveServer2
> Reporter: Gergely Farkas
> Assignee: Gergely Farkas
> Priority: Major
> Labels: pull-request-available
>
> HIVE-27661 refactored the authentication code a bit and also introduced a new
> bug:
> Before the modification, if the client was not authenticated and Kerberos
> authentication was enabled, a response header was included in the HTTP 401
> response: _WWW-Authenticate: Negotiate_
> After the modification, this header is not included in the response, so [the
> reactive authentication flow implemented in the Knox
> gateway|https://github.com/apache/knox/blob/master/gateway-discovery-cm/src/main/java/org/apache/knox/gateway/topology/discovery/cm/auth/SpnegoAuthInterceptor.java#L105-L113]
> does not work anymore.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
