[
https://issues.apache.org/jira/browse/HADOOP-8458?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alejandro Abdelnur updated HADOOP-8458:
---------------------------------------
Hadoop Flags: Incompatible change
Status: Patch Available (was: Open)
while AuthenticationHandler is a 'private' API it may break existing
implementations (Oozie, hbase, etc.), the solution for those implementations is
to add the new method doing a NOP and returning TRUE.
> Add management hook to AuthenticationHandler to enable delegation token
> operations support
> ------------------------------------------------------------------------------------------
>
> Key: HADOOP-8458
> URL: https://issues.apache.org/jira/browse/HADOOP-8458
> Project: Hadoop Common
> Issue Type: New Feature
> Components: security
> Affects Versions: 2.0.1-alpha
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Fix For: 2.0.1-alpha
>
> Attachments: HADOOP-8458.patch
>
>
> Currently hadoop-auth AuthenticationHandler only authenticates a request.
> While it can easily be extended to authenticate delegation tokens, it cannot
> handle the delegation token get/renew/cancel operations.
> The motivation of this new feature is that the above delegation token
> operations should be handled by a security component (hadoop-auth) instead of
> a functional component (httpfs implementation). Ideally we should have a
> complete separation of concerns between delegation token management and
> FileSystem/MapReduce/YARN API, but we don't. This change is a step on that
> directory for HTTP based services (like HttpFS).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
