[
https://issues.apache.org/jira/browse/HADOOP-9054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13499512#comment-13499512
]
Allen Wittenauer commented on HADOOP-9054:
------------------------------------------
On the Hadoop side, the authentication handler is already plug-able. So it
looks like you want to make them chain-able? Also keep in mind that on the
Hadoop-side, the user is going to get bounced around a lot. As a result, this
means they might need to re-authenticate on every host if one isn't careful
about the implementation.
> Add AuthenticationHandler that uses Kerberos but allows for an alternate form
> of authentication for browsers
> ------------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-9054
> URL: https://issues.apache.org/jira/browse/HADOOP-9054
> Project: Hadoop Common
> Issue Type: New Feature
> Components: security
> Reporter: Robert Kanter
> Assignee: Robert Kanter
> Fix For: 1.2.0, 2.0.3-alpha
>
>
> It would be useful for some Oozie users if, when using Kerberos, that browser
> access to the oozie web UI could be authenticated in a different way (w/o
> Kerberos). This may be useful for other projects using Hadoop-Auth, so this
> feature is to add a new AuthenticationHandler that uses Kerberos by default,
> unless a browser (user-agents are configurable) is used, in which case some
> other form of authentication can be used.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
