[
https://issues.apache.org/jira/browse/HDFS-5217?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13776984#comment-13776984
]
Dilli Arumugam commented on HDFS-5217:
--------------------------------------
Reading the patch, it appears that you used BASIC auth to authenticate the user.
Could you confirm, clarify that?
In a secure cluster, the correct thing would be to authenticate the end user
with SPNego for WebUI access.
Did you follow the instructions at
http://hadoop.apache.org/docs/stable/HttpAuthentication.html
> Namenode log directory link is inaccessible in secure cluster
> -------------------------------------------------------------
>
> Key: HDFS-5217
> URL: https://issues.apache.org/jira/browse/HDFS-5217
> Project: Hadoop HDFS
> Issue Type: Bug
> Affects Versions: 3.0.0
> Reporter: Jing Zhao
> Assignee: Jing Zhao
> Attachments: HDFS-5217.000.patch
>
>
> Currently in a secured HDFS cluster, 401 error is returned when clicking the
> "NameNode Logs" link.
> Looks like the cause of the issue is that the httpServer does not correctly
> set the security handler and the user realm currently, which causes the
> httpRequest.getRemoteUser (for the log URL) to return null and later be
> overwritten to the default web name (e.g., "dr.who") by the filter. In the
> meanwhile, in a secured cluster the log URL requires the http user to be an
> administrator. That's why we see the 401 error.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
