[ https://issues.apache.org/jira/browse/HADOOP-10301?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13893462#comment-13893462 ]
Daryn Sharp commented on HADOOP-10301: -------------------------------------- Under what condition(s) do you think the 401 sans header can occur? The unit tests should cover the various scenarios, but I'm double checking all the code paths again. > AuthenticationFilter should return Forbidden for failed authentication > ---------------------------------------------------------------------- > > Key: HADOOP-10301 > URL: https://issues.apache.org/jira/browse/HADOOP-10301 > Project: Hadoop Common > Issue Type: Bug > Components: security > Affects Versions: 0.23.0, 2.0.0-alpha, 3.0.0 > Reporter: Daryn Sharp > Assignee: Daryn Sharp > Priority: Blocker > Attachments: HADOOP-10301.branch-23.patch, > HADOOP-10301.branch-23.patch, HADOOP-10301.patch, HADOOP-10301.patch > > > The hadoop-auth AuthenticationFilter returns a 401 Unauthorized without a > WWW-Authenticate headers. The is illegal per the HTTP RPC and causes a NPE > in the HttpUrlConnection. > This is half of a fix that affects webhdfs. See HDFS-4564. -- This message was sent by Atlassian JIRA (v6.1.5#6160)