[ https://issues.apache.org/jira/browse/HADOOP-14246?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Templeton updated HADOOP-14246: -------------------------------------- Resolution: Fixed Hadoop Flags: Reviewed Fix Version/s: 3.0.0-alpha3 2.9.0 Status: Resolved (was: Patch Available) Thanks for the patch, [~rkanter], and for the review, [~yufeigu]. Committed to trunk and branch-2. > Authentication Tokens should use SecureRandom instead of Random and 256 bit > secrets > ----------------------------------------------------------------------------------- > > Key: HADOOP-14246 > URL: https://issues.apache.org/jira/browse/HADOOP-14246 > Project: Hadoop Common > Issue Type: Improvement > Components: security > Affects Versions: 2.9.0 > Reporter: Robert Kanter > Assignee: Robert Kanter > Fix For: 2.9.0, 3.0.0-alpha3 > > Attachments: HADOOP-14246.001.patch > > > {{RandomSignerSecretProvider}} and {{ZKSignerSecretProvider}} currently use a > {{long}} generated by {{Random}} (which is then converted to a {{String}} and > is 160 bits) for secrets. > We should improve this to use 256 bit secrets generated by {{SecureRandom}}. -- This message was sent by Atlassian JIRA (v6.3.15#6346) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org