Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-10417

There is no token for anonymous authentication

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • security
    • None

    Description

      According to tucu00, if ANONYMOUS is enabled, then there is a token (cookie) and the response is 200. However, it never sets cookie when the token is ANONYMOUS in the code below.

      //AuthenticationFilter.doFilter(..)
          if (newToken && !token.isExpired() && token != AuthenticationToken.ANONYMOUS) {
            String signedToken = signer.sign(token.toString());
            createAuthCookie(httpResponse, signedToken, getCookieDomain(),
                    getCookiePath(), token.getExpires(), isHttps);
          }

      Attachments

        1. TestPseudoAuthenticator.patch
          0.9 kB
          Tsz-wo Sze

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-10398 KerberosAuthenticator failed to fall back to PseudoAuthenticator after HADOOP-10078

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              szetszwo Tsz-wo Sze
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated: