[
https://issues.apache.org/jira/browse/HADOOP-10671?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14354186#comment-14354186
]
Kai Zheng commented on HADOOP-10671:
------------------------------------
Hi [~wheat9],
Thanks for your comment and guiding.
bq.Can you please list all the configurations and then we can discuss what is
the best way to move forward ?
Yes I will list all the affected configuration properties for the discussion in
the week.
To better reflect what's actually done here, I modified the JIRA description.
Actually SSO effect between web console and web hdfs is just a result of this
change.
> Unify configurations for authentication filters between web console and web
> hdfs
> --------------------------------------------------------------------------------
>
> Key: HADOOP-10671
> URL: https://issues.apache.org/jira/browse/HADOOP-10671
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Kai Zheng
> Assignee: Kai Zheng
> Attachments: HADOOP-10671-v3.patch, hadoop-10671-v2.patch,
> hadoop-10671.patch
>
>
> Currently it's not able to single sign on between hadoop web console and
> webhdfs since they don't share common configurations as required to, such as
> signature secret to sign authenticaton token, and domain cookie etc. This
> improvement would allow sso between the two, and also simplify the
> configuration by removing the duplicate effort for the two parts.
> The sso makes sense because in current web console, it integrates webhdfs and
> we should avoid redundant sign on in different mechanisms. This is necessary
> when a certain authentication mechanism other than SPNEGO is desired across
> web console and webhdfs.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
