Benoy Antony created HADOOP-11567:
-------------------------------------
Summary: Refresh HTTP Authentication secret without restarting the
server
Key: HADOOP-11567
URL: https://issues.apache.org/jira/browse/HADOOP-11567
Project: Hadoop Common
Issue Type: Improvement
Affects Versions: 2.6.0
Reporter: Benoy Antony
Assignee: Benoy Antony
The _AuthenticationFilter_ uses the secret read from a file specified via
hadoop.http.authentication.signature.secret.file to sign the cookie containing
user authentication information.
The secret is read only during initialization and hence needs a restart to
update the secret.
ZKSignerSecretProvider can be used to rotate the secrets without restarting the
servers, but it needs a zookeeper setup.
The jira is to refresh secret by updating the file.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
