[jira] Commented: (HDFS-991) Allow browsing the filesystem over http using delegation tokens

Wed, 24 Feb 2010 11:25:58 -0800 

    [ 
https://issues.apache.org/jira/browse/HDFS-991?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12837963#action_12837963
 ] 

Philip Zeyliger commented on HDFS-991:
--------------------------------------

Hi Owen,

When does the delegation token that the namenode provides 
(redirectToRandomDataNode()) expire?

A lot of websites pass security tokens via cookies, because GET parameters tend 
to get written down in referrer fields and such.  So there's the potential that 
someone will get their hands on your token.  Am I right that the token lets 
anyone read any data as if they were you?  I'd be more comfortable if it were 
cookie based (though that implies that your datanodes and your namenode are in 
the same domain, which might not be workable), though I do see how GET is 
simpler.

The web security part of me is also worried that this is liable to CSRF 
(http://en.wikipedia.org/wiki/Cross-site_request_forgery) attacks.  The key 
there, I think, is to make sure that when the namenode is issuing tokens, it's 
absolutely confident that it's issuing them to someone who is asking for them.

bq. URLEncoder.encode("/", "UTF-8")

Might be worthwhile to make this a constant.  It's unlikely to change :) 

bq. URL Creation

This isn't necessary this JIRA's to fix (nor is it introduced in this patch), 
but the manual URL concatenation strikes me as a bit ugly.  Most web frameworks 
have utilities to add GET parameters and such and to build URLs for you.  Not 
sure if one is handy in our environment, but usually more readable than long 
string concatenations.

bq. Tests

There aren't any :)  Understandable in a preliminary patch.

> Allow browsing the filesystem over http using delegation tokens
> ---------------------------------------------------------------
>
>                 Key: HDFS-991
>                 URL: https://issues.apache.org/jira/browse/HDFS-991
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>            Reporter: Owen O'Malley
>            Assignee: Owen O'Malley
>             Fix For: 0.22.0
>
>         Attachments: h-991.patch
>
>
> Assuming the user authenticates to the NameNode in the browser, allow them to 
> browse the file system by adding a delegation token the the url when it is 
> redirected to a datanode.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to