[ https://issues.apache.org/jira/browse/HADOOP-9054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13499512#comment-13499512 ]
Allen Wittenauer commented on HADOOP-9054: ------------------------------------------ On the Hadoop side, the authentication handler is already plug-able. So it looks like you want to make them chain-able? Also keep in mind that on the Hadoop-side, the user is going to get bounced around a lot. As a result, this means they might need to re-authenticate on every host if one isn't careful about the implementation. > Add AuthenticationHandler that uses Kerberos but allows for an alternate form > of authentication for browsers > ------------------------------------------------------------------------------------------------------------ > > Key: HADOOP-9054 > URL: https://issues.apache.org/jira/browse/HADOOP-9054 > Project: Hadoop Common > Issue Type: New Feature > Components: security > Reporter: Robert Kanter > Assignee: Robert Kanter > Fix For: 1.2.0, 2.0.3-alpha > > > It would be useful for some Oozie users if, when using Kerberos, that browser > access to the oozie web UI could be authenticated in a different way (w/o > Kerberos). This may be useful for other projects using Hadoop-Auth, so this > feature is to add a new AuthenticationHandler that uses Kerberos by default, > unless a browser (user-agents are configurable) is used, in which case some > other form of authentication can be used. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira