[ https://issues.apache.org/jira/browse/OOZIE-1498?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13742118#comment-13742118 ]
Hadoop QA commented on OOZIE-1498:
----------------------------------

Testing JIRA OOZIE-1498

Cleaning local svn workspace

----------------------------

{color:green}+1 PATCH_APPLIES{color}
{color:green}+1 CLEAN{color}
{color:red}-1 RAW_PATCH_ANALYSIS{color}
.    {color:green}+1{color} the patch does not introduce any @author tags
.    {color:green}+1{color} the patch does not introduce any tabs
.    {color:green}+1{color} the patch does not introduce any trailing spaces
.    {color:green}+1{color} the patch does not introduce any line longer than 132
.    {color:red}-1{color} the patch does not add/modify any testcase
{color:green}+1 RAT{color}
.    {color:green}+1{color} the patch does not seem to introduce new RAT warnings
{color:green}+1 JAVADOC{color}
.    {color:green}+1{color} the patch does not seem to introduce new Javadoc warnings
{color:green}+1 COMPILE{color}
.    {color:green}+1{color} HEAD compiles
.    {color:green}+1{color} patch compiles
.    {color:green}+1{color} the patch does not seem to introduce new javac warnings
{color:green}+1 BACKWARDS_COMPATIBILITY{color}
.    {color:green}+1{color} the patch does not change any JPA Entity/Colum/Basic/Lob/Transient annotations
.    {color:green}+1{color} the patch does not modify JPA files
{color:green}+1 TESTS{color}
.    Tests run: 1278
{color:green}+1 DISTRO{color}
.    {color:green}+1{color} distro tarball builds with the patch

----------------------------
{color:red}*-1 Overall result, please check the reported -1(s)*{color}

The full output of the test-patch run is available at

.   https://builds.apache.org/job/oozie-trunk-precommit-build/726/

> Any user is allowed to manage job not as owner
> ----------------------------------------------
>
>                 Key: OOZIE-1498
>                 URL: https://issues.apache.org/jira/browse/OOZIE-1498
>             Project: Oozie
>          Issue Type: Bug
>            Reporter: Eugene Shevchuk
>            Assignee: Eugene Shevchuk
>         Attachments: OOZIE-1498.patch
>
>
> The problem was that anonymous users are enabled in oozie configuration. It
> can lead to the following problem. When user's token is expired
> PseudoAuthenticationHandler searches for user.name parameter in request.
> Obviously, it can't find it because client doesn't know anything about
> expired token. So auth handler assumes that user is anonymous and returns
> anonymous token with username=null. Oozie server can't deal with doAs
> parameter and anonymous request simultaneously because 500 error will occur
> (user is null). By default this option is disabled so any user can manage any
> job. Now it's disabled by default

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira