[
https://issues.apache.org/jira/browse/OOZIE-1498?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Eugene Shevchuk updated OOZIE-1498:
-----------------------------------
Description: By default this option is disabled so any user can manage any
job. Now it's disabled by default (was: The problem was that anonymous users
are enabled in oozie configuration. It can lead to the following problem. When
user's token is expired PseudoAuthenticationHandler searches for user.name
parameter in request. Obviously, it can't find it because client doesn't know
anything about expired token. So auth handler assumes that user is anonymous
and return anonymous token with username=null. Oozie server can't deal with
doAs parameter and anonymous request simultaneously because 500 error will
occur (user is null). By default this option is disabled so any user can manage
any job. Now it's disabled by default)
> Any user is allowed to manage job not as owner
> ----------------------------------------------
>
> Key: OOZIE-1498
> URL: https://issues.apache.org/jira/browse/OOZIE-1498
> Project: Oozie
> Issue Type: Bug
> Reporter: Eugene Shevchuk
> Assignee: Eugene Shevchuk
> Attachments: OOZIE-1498.patch
>
>
> By default this option is disabled so any user can manage any job. Now it's
> disabled by default
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
