[
https://issues.apache.org/jira/browse/KNOX-25?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kevin Minder updated KNOX-25:
-----------------------------
Description:
The basic interactions flow might look like this.
1. Client authenticates with KDC
2. Client requests HDFS resource via gateway
3. Knox authenticates client via SPNEGO
4. Knox authentication Service via SPNEGO
5. Gateway dispatches request and tokens to service.
6. Service provides response including hadoop.auth cookie. This prevents
subsequent KDC and SPNEGO interactions.
was:
>From BUG-4304
The basic interactions flow might look like this.
1. Client authenticates with KDC
2. Client requests HDFS resource via gateway
3. Gateway forwards original request to service
4. Service challenges with SPNEGO
5. Gateway returns challenge to client.
6. Client resends request with tokens
7. Gateway dispatches request and tokens to service.
8. Service provides response including hadoop.auth cookie. This prevents
subsequent KDC and SPNEGO interactions.
> Knox should support authentication using SPNEGO from browser
> ------------------------------------------------------------
>
> Key: KNOX-25
> URL: https://issues.apache.org/jira/browse/KNOX-25
> Project: Apache Knox
> Issue Type: New Feature
> Components: Server
> Affects Versions: 0.2.0
> Reporter: Kevin Minder
> Assignee: Dilli Arumugam
> Fix For: 0.7.0
>
> Attachments: KNOX-25.patch, KNOX-25.patch.1
>
>
> The basic interactions flow might look like this.
> 1. Client authenticates with KDC
> 2. Client requests HDFS resource via gateway
> 3. Knox authenticates client via SPNEGO
> 4. Knox authentication Service via SPNEGO
> 5. Gateway dispatches request and tokens to service.
> 6. Service provides response including hadoop.auth cookie. This prevents
> subsequent KDC and SPNEGO interactions.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
