[ https://issues.apache.org/jira/browse/HIVE-27764?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
ASF GitHub Bot updated HIVE-27764: ---------------------------------- Labels: pull-request-available (was: ) > Authentication does not work behind Knox gateway because the > "WWW-Authenticate: Negotiate" response header is missing > --------------------------------------------------------------------------------------------------------------------- > > Key: HIVE-27764 > URL: https://issues.apache.org/jira/browse/HIVE-27764 > Project: Hive > Issue Type: Bug > Components: HiveServer2 > Reporter: Gergely Farkas > Assignee: Gergely Farkas > Priority: Major > Labels: pull-request-available > > HIVE-27661 refactored the authentication code a bit and also introduced a new > bug: > Before the modification, if the client was not authenticated and Kerberos > authentication was enabled, a response header was included in the HTTP 401 > response: _WWW-Authenticate: Negotiate_ > After the modification, this header is not included in the response, so [the > reactive authentication flow implemented in the Knox > gateway|https://github.com/apache/knox/blob/master/gateway-discovery-cm/src/main/java/org/apache/knox/gateway/topology/discovery/cm/auth/SpnegoAuthInterceptor.java#L105-L113] > does not work anymore. -- This message was sent by Atlassian Jira (v8.20.10#820010)