[
https://issues.apache.org/jira/browse/KNOX-25?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13966881#comment-13966881
]
Dilli Arumugam commented on KNOX-25:
------------------------------------
revising summary to reflect the fact that Knox should support authenticating
browser user with SPNego irrespective of whether Hadoop cluster is secure or not
> Access Kerberos securKnox should support authentication using SPNEGO from
> browser
> ---------------------------------------------------------------------------------
>
> Key: KNOX-25
> URL: https://issues.apache.org/jira/browse/KNOX-25
> Project: Apache Knox
> Issue Type: New Feature
> Components: Server
> Affects Versions: 0.2.0
> Reporter: Kevin Minder
> Assignee: Dilli Arumugam
> Fix For: 0.5.0
>
>
> From BUG-4304
> The basic interactions flow might look like this.
> 1. Client authenticates with KDC
> 2. Client requests HDFS resource via gateway
> 3. Gateway forwards original request to service
> 4. Service challenges with SPNEGO
> 5. Gateway returns challenge to client.
> 6. Client resends request with tokens
> 7. Gateway dispatches request and tokens to service.
> 8. Service provides response including hadoop.auth cookie. This prevents
> subsequent KDC and SPNEGO interactions.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
