[
https://issues.apache.org/jira/browse/HADOOP-10709?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14355867#comment-14355867
]
Benoy Antony edited comment on HADOOP-10709 at 3/10/15 10:43 PM:
-----------------------------------------------------------------
I have attached the config file that we use in our clusters.
I do not use AltKerberosHandler. Instead, I use CompositeAuthenticationHandler
(HADOOP-10307).
With these three jiras ( HADOOP-10307, HADOOP-10702 and HADOOP-10709), I could
configure multiple multiple authentication mechanism for http and webhdfs.
To [~wheat9] TokenAuthFilter basically checks if there is delegationtoken
passed as a URL parameter and if so skips subsequent auth filters.
was (Author: benoyantony):
I have attached the config file that we use in our clusters.
I do not use AltKerberosHandler. Instead, I use CompositeAuthenticationHandler
(HADOOP-10307).
With these three jiras ( HADOOP-10307, HADOOP-10702 and HADOOP-10709), I could
configure multiple multiple authentication mechanism for http and webhdfs.
> Reuse Filters across web apps
> -----------------------------
>
> Key: HADOOP-10709
> URL: https://issues.apache.org/jira/browse/HADOOP-10709
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Benoy Antony
> Assignee: Benoy Antony
> Attachments: HADOOP-10709-002.patch, HADOOP-10709.patch,
> configForFilterReuse.xml
>
>
> Currently, we need to define separate authentication filters for webhdfs and
> general webui. This also involves defining parameters for those filters.
> It will be better if one could reuse filters for web apps if desired.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
