[
https://issues.apache.org/jira/browse/YARN-8277?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16477302#comment-16477302
]
Gergely Novák commented on YARN-8277:
-------------------------------------
Additional info: the hadoop.auth cookie is HttpOnly, so I can't simply delete
it from client side..
> [UI2] Changing the user name for service in the new UI does not update the
> hadoop.auth cookie
> ---------------------------------------------------------------------------------------------
>
> Key: YARN-8277
> URL: https://issues.apache.org/jira/browse/YARN-8277
> Project: Hadoop YARN
> Issue Type: Bug
> Components: yarn-ui-v2
> Reporter: Gergely Novák
> Priority: Major
>
> Steps to reproduce:
> 1) Click on "New Service" on the new YARN UI.
> 2) Provide an invalid, not existing user (e.g. "invalid").
> 3) Provide a service definition (e.g. sleeper) via the form or json.
> 4) Press deploy.
> 5) Response: Error: Adapter operation failed. With developer tools you can
> check that {{/app/v1/services/?user.name=invalid}} gave a 403 status code
> with this diagnostic message:
> {code}
> "Permission denied: user=invalid, access=EXECUTE, ...
> {code}
> 6) Fix the user name, provide an existing user.
> 7) Press deploy.
> Expected behaviour: the user should successfully deploy the service.
> Current behaviour: The error response is the same.
> Root cause: The query parameter of the new request is correct
> ({{?user.name=existing_user}}), however the hadoop.auth cookie is the old
> one: {{"u=invalid&p=invalid&t=simple-dt&e=1526073119565...}}. Thus the
> request will fail with the same "Permission denied" error.
> The only workaround for the user to fix this is to clear the hadoop.auth
> cookie from the browser.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
