[
https://issues.apache.org/jira/browse/HADOOP-10880?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14097078#comment-14097078
]
Daryn Sharp commented on HADOOP-10880:
--------------------------------------
I think it's something like this:
{{curl --negotiate --digest --user "token:password" http://nn:50070}}
or to keep it off the cmdline:
{{curl --negotiate -K dtoken.opts http://nn:50070}}
dtoken.opts file:
{{--digest --user "token:password"}}
> Move HTTP delegation tokens out of URL querystring to a header
> --------------------------------------------------------------
>
> Key: HADOOP-10880
> URL: https://issues.apache.org/jira/browse/HADOOP-10880
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 2.4.1
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Priority: Blocker
> Attachments: HADOOP-10880.patch, HADOOP-10880.patch,
> HADOOP-10880.patch
>
>
> Following up on a discussion in HADOOP-10799.
> Because URLs are often logged, delegation tokens may end up in LOG files
> while they are still valid.
> We should move the tokens to a header.
> We should still support tokens in the querystring for backwards compatibility.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
