[jira] [Comment Edited] (HADOOP-12587) Hadoop AuthToken refuses to work without a maxinactive attribute in issued token

Wed, 16 Dec 2015 15:40:06 -0800 

    [ 
https://issues.apache.org/jira/browse/HADOOP-12587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15061135#comment-15061135
 ] 

Benoy Antony edited comment on HADOOP-12587 at 12/16/15 11:39 PM:
------------------------------------------------------------------

Attaching the patch

1. changed the name of the configuration from 
hadoop.http.authentication.token.MaxInactiveInterval  to 
hadoop.http.authentication.token.max-inactive-interval.
2. Set the default value to -1 so that the feature is disabled by default.
3. If the token does not contain InactiveInterval, the token is still processed 
without throwing exception.
4. added test cases to test token with valid activity interval, expired 
activity interval and missing activity interval. Each test case runs against a 
server where activity interval feature is enabled and disabled.
5. Updated documentation to reflect changes.


was (Author: benoyantony):
Attaching the patch

1. changed the name of the configuration from 
hadoop.http.authentication.token.MaxInactiveInterval  to 
hadoop.http.authentication.token.max-inactive-interval.
2. Set the default value to -1 so that the feature is disabled by default.
3. If the token does not contain mxInterval, the token is still processed 
without throwing exception.
4. add test cases to test token with valid activity interval, expired activity 
interval and missing activity interval. Each test case runs against a server 
where activity interval feature is enabled and disabled.
5. Updated documentation to reflect changes.

> Hadoop AuthToken refuses to work without a maxinactive attribute in issued 
> token
> --------------------------------------------------------------------------------
>
>                 Key: HADOOP-12587
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12587
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 2.8.0
>         Environment: OSX heimdal kerberos client against Linux KDC -talking 
> to a Hadoop 2.6.0 cluster
>            Reporter: Steve Loughran
>            Assignee: Benoy Antony
>            Priority: Blocker
>         Attachments: HADOOP-12587-001.patch
>
>
> If you don't have a max-inactive attribute in the auth token returned from 
> the web site, AuthToken will raise an exception. This stops callers without 
> this token being able to submit jobs to a secure Hadoop 2.6 YARN cluster with 
> timeline server enabled. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to