Alejandro Abdelnur created HADOOP-8314: ------------------------------------------
Summary: HttpServer#hasAdminAccess should return false if authorization is enabled but user is not authenticated Key: HADOOP-8314 URL: https://issues.apache.org/jira/browse/HADOOP-8314 Project: Hadoop Common Issue Type: Bug Components: security Affects Versions: 2.0.0, 3.0.0 Reporter: Alejandro Abdelnur Assignee: Alejandro Abdelnur Fix For: 2.0.0 Attachments: HADOOP-8314.patch If the user is not authenticated (request.getRemoteUser() returns NULL) or there is not authentication filter configured (thus returning also NULL), hasAdminAccess should return false. Note that a filter could allow anonymous access, thus the first case. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira