[jira] [Updated] (HADOOP-10416) For pseudo authentication, what to do if there is an expired token?

Allen Wittenauer (JIRA) Tue, 05 May 2015 20:38:20 -0700

     [ 
https://issues.apache.org/jira/browse/HADOOP-10416?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Allen Wittenauer updated HADOOP-10416:
--------------------------------------
    Labels: BB2015-05-TBR  (was: )

> For pseudo authentication, what to do if there is an expired token?
> -------------------------------------------------------------------
>
>                 Key: HADOOP-10416
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10416
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: security
>            Reporter: Tsz Wo Nicholas Sze
>            Assignee: Tsz Wo Nicholas Sze
>            Priority: Minor
>              Labels: BB2015-05-TBR
>         Attachments: c10416_20140321.patch, c10416_20140322.patch
>
>
> PseudoAuthenticationHandler currently only gets username from the "user.name" 
> parameter.  If there is an expired auth token in the request, the token is 
> ignored (without returning any error back to the client).  Further, if 
> anonymous is enabled, the client will be authenticated as anonymous.
> The above behavior seems non-desirable since the client does not want to be 
> authenticated as anonymous.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (HADOOP-10416) For pseudo authentication, what to do if there is an expired token?

Reply via email to