[
https://issues.apache.org/jira/browse/HADOOP-10416?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13949584#comment-13949584
]
Tsz Wo Nicholas Sze commented on HADOOP-10416:
----------------------------------------------
How about returning an error to client if the token is expired?
(revised description)
> For pseudo authentication, what to do if there is an expired token?
> -------------------------------------------------------------------
>
> Key: HADOOP-10416
> URL: https://issues.apache.org/jira/browse/HADOOP-10416
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Tsz Wo Nicholas Sze
> Assignee: Tsz Wo Nicholas Sze
> Priority: Minor
> Attachments: c10416_20140321.patch, c10416_20140322.patch
>
>
> PseudoAuthenticationHandler currently only gets username from the "user.name"
> parameter. If there is an expired auth token in the request, the token is
> ignored (without returning any error back to the client). Further, if
> anonymous is enabled, the client will be authenticated as anonymous.
> The above behavior seems non-desirable since the client does not want to be
> authenticated as anonymous.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
