[ https://issues.apache.org/jira/browse/HADOOP-12050?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14699961#comment-14699961 ]
Benoy Antony commented on HADOOP-12050: --------------------------------------- Looks good, +1. If there are no other comments, I'll commit this tomorrow. > Enable MaxInactiveInterval for hadoop http auth token > ----------------------------------------------------- > > Key: HADOOP-12050 > URL: https://issues.apache.org/jira/browse/HADOOP-12050 > Project: Hadoop Common > Issue Type: Improvement > Components: security > Affects Versions: 3.0.0 > Reporter: Benoy Antony > Assignee: hzlu > Fix For: 3.0.0 > > Attachments: HADOOP-12050.003.patch, HADOOP-12050.004.patch > > > During http authentication, a cookie which contains the authentication token > is dropped. The expiry time of the authentication token can be configured via > hadoop.http.authentication.token.validity. The default value is 10 hours. > For clusters which require enhanced security, it is desirable to have a > configurable MaxInActiveInterval for the authentication token. If there is no > activity during MaxInActiveInterval, the authentication token will be > invalidated. > The MaxInActiveInterval will be less than > hadoop.http.authentication.token.validity. The default value will be 30 > minutes. -- This message was sent by Atlassian JIRA (v6.3.4#6332)