Impala Public Jenkins has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/14077 )
Change subject: IMPALA-8868: Fix 401 response when LDAP and Kerberos are enabled ...................................................................... IMPALA-8868: Fix 401 response when LDAP and Kerberos are enabled When both kerberos and ldap auth are enabled and an http request is not successfully authenticated, THttpServer only sends the 'WWW-Authenticate: Basic' challenge and doesn't send the 'WWW-Authenticate: Negotiate' challenge, which can cause clients that want to connect with kerberos to fail to authenticate. This patch fixes this to send both challenges. Testing: - Manually tested in a cluster with both Kerberos and LDAP enabled on Impala with connections proxied through Apache Knox, which would previously fail. Change-Id: I138f33783bfd0f8f9b8db242589a9cc75cfd392a Reviewed-on: http://gerrit.cloudera.org:8080/14077 Reviewed-by: Impala Public Jenkins <[email protected]> Tested-by: Impala Public Jenkins <[email protected]> --- M be/src/transport/THttpServer.cpp 1 file changed, 10 insertions(+), 5 deletions(-) Approvals: Impala Public Jenkins: Looks good to me, approved; Verified -- To view, visit http://gerrit.cloudera.org:8080/14077 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: Impala-ASF Gerrit-Branch: master Gerrit-MessageType: merged Gerrit-Change-Id: I138f33783bfd0f8f9b8db242589a9cc75cfd392a Gerrit-Change-Number: 14077 Gerrit-PatchSet: 4 Gerrit-Owner: Thomas Tauber-Marshall <[email protected]> Gerrit-Reviewer: Impala Public Jenkins <[email protected]> Gerrit-Reviewer: Thomas Tauber-Marshall <[email protected]> Gerrit-Reviewer: Tim Armstrong <[email protected]> Gerrit-Reviewer: Todd Lipcon <[email protected]>
