Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-12050

Enable MaxInactiveInterval for hadoop http auth token

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.7.1
    • Fix Version/s: 2.8.0, 3.0.0-alpha1
    • Component/s: security
    • Labels:
      None

      Description

      During http authentication, a cookie which contains the authentication token is dropped. The expiry time of the authentication token can be configured via hadoop.http.authentication.token.validity. The default value is 10 hours.

      For clusters which require enhanced security, it is desirable to have a configurable MaxInActiveInterval for the authentication token. If there is no activity during MaxInActiveInterval, the authentication token will be invalidated.

      The MaxInActiveInterval will be less than hadoop.http.authentication.token.validity. The default value will be 30 minutes.

      1. HADOOP-12050.003.patch
        15 kB
        Huizhi Lu
      2. HADOOP-12050.004.patch
        24 kB
        Huizhi Lu

        Issue Links

          Activity

          Hide
          stevel@apache.org Steve Loughran added a comment -

          This patch prevents a 2.8.0 client submitting work to a secure Hadoop 2.6/2.7 cluster.

          HADOOP-12587 covers the issue: it's going to need fixing before any release

          Show
          stevel@apache.org Steve Loughran added a comment - This patch prevents a 2.8.0 client submitting work to a secure Hadoop 2.6/2.7 cluster. HADOOP-12587 covers the issue: it's going to need fixing before any release
          Hide
          benoyantony Benoy Antony added a comment -

          Sure, we can change the property name to follow the conventions. Please let me know if you want me to open a jira and change it

          Show
          benoyantony Benoy Antony added a comment - Sure, we can change the property name to follow the conventions. Please let me know if you want me to open a jira and change it
          Hide
          vinodkv Vinod Kumar Vavilapalli added a comment -

          Huizhi Lu / Benoy Antony, the configuration property introduced here doesn't follow our usual conventions (which I concede are not documented in writing). But can we rename this from hadoop.http.authentication.token.MaxInactiveInterval to hadoop.http.authentication.token.max-inactive-interval? If you agree, we can get it fixed.

          Show
          vinodkv Vinod Kumar Vavilapalli added a comment - Huizhi Lu / Benoy Antony , the configuration property introduced here doesn't follow our usual conventions (which I concede are not documented in writing). But can we rename this from hadoop.http.authentication.token.MaxInactiveInterval to hadoop.http.authentication.token.max-inactive-interval ? If you agree, we can get it fixed.
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-Mapreduce-trunk-Java8 #289 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Java8/289/)
          hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0)

          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java
          • hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          • hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Mapreduce-trunk-Java8 #289 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk-Java8/289/ ) hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0) hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-Mapreduce-trunk #2238 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/2238/)
          hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0)

          • hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java
          • hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Mapreduce-trunk #2238 (See https://builds.apache.org/job/Hadoop-Mapreduce-trunk/2238/ ) hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0) hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #281 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/281/)
          hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0)

          • hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java
          • hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk-Java8 #281 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk-Java8/281/ ) hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0) hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-Hdfs-trunk #2219 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/2219/)
          hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0)

          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java
          • hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java
          • hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Hdfs-trunk #2219 (See https://builds.apache.org/job/Hadoop-Hdfs-trunk/2219/ ) hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0) hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-Yarn-trunk-Java8 #292 (See https://builds.apache.org/job/Hadoop-Yarn-trunk-Java8/292/)
          hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0)

          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java
          • hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md
          • hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Yarn-trunk-Java8 #292 (See https://builds.apache.org/job/Hadoop-Yarn-trunk-Java8/292/ ) hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0) hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-Yarn-trunk #1022 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/1022/)
          hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0)

          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          • hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
          • hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-Yarn-trunk #1022 (See https://builds.apache.org/job/Hadoop-Yarn-trunk/1022/ ) hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0) hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md
          Hide
          benoyantony Benoy Antony added a comment -

          Committed to trunk and branch-2.
          Thanks for the contribution , Huizhi.

          Show
          benoyantony Benoy Antony added a comment - Committed to trunk and branch-2. Thanks for the contribution , Huizhi.
          Hide
          hudson Hudson added a comment -

          FAILURE: Integrated in Hadoop-trunk-Commit #8318 (See https://builds.apache.org/job/Hadoop-trunk-Commit/8318/)
          hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0)

          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java
          • hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java
          • hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md
          • hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          Show
          hudson Hudson added a comment - FAILURE: Integrated in Hadoop-trunk-Commit #8318 (See https://builds.apache.org/job/Hadoop-trunk-Commit/8318/ ) hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. (benoy: rev 71aedfabf39e03104c8d22456e95ef6349aae6c0) hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/AuthToken.java hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationToken.java hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationFilter.java hadoop-common-project/hadoop-common/src/site/markdown/HttpAuthentication.md hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/AuthenticationFilter.java
          Hide
          benoyantony Benoy Antony added a comment -

          Looks good, +1.
          If there are no other comments, I'll commit this tomorrow.

          Show
          benoyantony Benoy Antony added a comment - Looks good, +1. If there are no other comments, I'll commit this tomorrow.
          Hide
          hadoopqa Hadoop QA added a comment -



          +1 overall



          Vote Subsystem Runtime Comment
          0 pre-patch 22m 4s Pre-patch trunk compilation is healthy.
          +1 @author 0m 0s The patch does not contain any @author tags.
          +1 tests included 0m 0s The patch appears to include 1 new or modified test files.
          +1 javac 8m 22s There were no new javac warning messages.
          +1 javadoc 10m 18s There were no new javadoc warning messages.
          +1 release audit 0m 21s The applied patch does not increase the total number of release audit warnings.
          +1 site 3m 1s Site still builds.
          +1 checkstyle 1m 38s There were no new checkstyle issues.
          +1 whitespace 0m 1s The patch has no lines that end in whitespace.
          +1 install 1m 28s mvn install still works.
          +1 eclipse:eclipse 0m 34s The patch built with eclipse:eclipse.
          +1 findbugs 2m 48s The patch does not introduce any new Findbugs (version 3.0.0) warnings.
          +1 common tests 5m 13s Tests passed in hadoop-auth.
          +1 common tests 22m 49s Tests passed in hadoop-common.
              78m 40s  



          Subsystem Report/Notes
          Patch URL http://issues.apache.org/jira/secure/attachment/12745724/HADOOP-12050.004.patch
          Optional Tests javadoc javac unit findbugs checkstyle site
          git revision trunk / ee36f4f
          hadoop-auth test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7295/artifact/patchprocess/testrun_hadoop-auth.txt
          hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7295/artifact/patchprocess/testrun_hadoop-common.txt
          Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7295/testReport/
          Java 1.7.0_55
          uname Linux asf907.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
          Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7295/console

          This message was automatically generated.

          Show
          hadoopqa Hadoop QA added a comment - +1 overall Vote Subsystem Runtime Comment 0 pre-patch 22m 4s Pre-patch trunk compilation is healthy. +1 @author 0m 0s The patch does not contain any @author tags. +1 tests included 0m 0s The patch appears to include 1 new or modified test files. +1 javac 8m 22s There were no new javac warning messages. +1 javadoc 10m 18s There were no new javadoc warning messages. +1 release audit 0m 21s The applied patch does not increase the total number of release audit warnings. +1 site 3m 1s Site still builds. +1 checkstyle 1m 38s There were no new checkstyle issues. +1 whitespace 0m 1s The patch has no lines that end in whitespace. +1 install 1m 28s mvn install still works. +1 eclipse:eclipse 0m 34s The patch built with eclipse:eclipse. +1 findbugs 2m 48s The patch does not introduce any new Findbugs (version 3.0.0) warnings. +1 common tests 5m 13s Tests passed in hadoop-auth. +1 common tests 22m 49s Tests passed in hadoop-common.     78m 40s   Subsystem Report/Notes Patch URL http://issues.apache.org/jira/secure/attachment/12745724/HADOOP-12050.004.patch Optional Tests javadoc javac unit findbugs checkstyle site git revision trunk / ee36f4f hadoop-auth test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7295/artifact/patchprocess/testrun_hadoop-auth.txt hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7295/artifact/patchprocess/testrun_hadoop-common.txt Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7295/testReport/ Java 1.7.0_55 uname Linux asf907.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7295/console This message was automatically generated.
          Hide
          hzlu Huizhi Lu added a comment -

          HADOOP-12050.004.patch

          Show
          hzlu Huizhi Lu added a comment - HADOOP-12050 .004.patch
          Hide
          benoyantony Benoy Antony added a comment -

          I have the following review comments on this patch

          1. The token is updated after signing the token. This is not correct.

                    if (!newToken  && !token.isExpired() &&
                        token != AuthenticationToken.ANONYMOUS &&
                        !isCookiePersistent() &&
                        getMaxInactiveInterval() > 0) {
                      String signedToken = signer.sign(token.toString());
                      token.setMaxInactives(System.currentTimeMillis()
                          + getMaxInactiveInterval() * 1000);
                      createAuthCookie(httpResponse, signedToken, getCookieDomain(),
                          getCookiePath(), token.getExpires(),
                          isCookiePersistent(), isHttps);
                    }
          

          2. There is some code duplication between the above code block and the block before it . Please refactor so that code duplication is minimized.

          Show
          benoyantony Benoy Antony added a comment - I have the following review comments on this patch 1. The token is updated after signing the token. This is not correct. if (!newToken && !token.isExpired() && token != AuthenticationToken.ANONYMOUS && !isCookiePersistent() && getMaxInactiveInterval() > 0) { String signedToken = signer.sign(token.toString()); token.setMaxInactives( System .currentTimeMillis() + getMaxInactiveInterval() * 1000); createAuthCookie(httpResponse, signedToken, getCookieDomain(), getCookiePath(), token.getExpires(), isCookiePersistent(), isHttps); } 2. There is some code duplication between the above code block and the block before it . Please refactor so that code duplication is minimized.
          Hide
          hadoopqa Hadoop QA added a comment -



          +1 overall



          Vote Subsystem Runtime Comment
          0 pre-patch 15m 33s Pre-patch trunk compilation is healthy.
          +1 @author 0m 0s The patch does not contain any @author tags.
          +1 tests included 0m 0s The patch appears to include 1 new or modified test files.
          +1 javac 7m 36s There were no new javac warning messages.
          +1 javadoc 9m 34s There were no new javadoc warning messages.
          +1 release audit 0m 23s The applied patch does not increase the total number of release audit warnings.
          +1 checkstyle 0m 22s There were no new checkstyle issues.
          +1 whitespace 0m 0s The patch has no lines that end in whitespace.
          +1 install 1m 21s mvn install still works.
          +1 eclipse:eclipse 0m 33s The patch built with eclipse:eclipse.
          +1 findbugs 0m 42s The patch does not introduce any new Findbugs (version 3.0.0) warnings.
          +1 common tests 5m 18s Tests passed in hadoop-auth.
              41m 25s  



          Subsystem Report/Notes
          Patch URL http://issues.apache.org/jira/secure/attachment/12744859/HADOOP-12050.003.patch
          Optional Tests javadoc javac unit findbugs checkstyle
          git revision trunk / 47f4c54
          hadoop-auth test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7238/artifact/patchprocess/testrun_hadoop-auth.txt
          Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7238/testReport/
          Java 1.7.0_55
          uname Linux asf903.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
          Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7238/console

          This message was automatically generated.

          Show
          hadoopqa Hadoop QA added a comment - +1 overall Vote Subsystem Runtime Comment 0 pre-patch 15m 33s Pre-patch trunk compilation is healthy. +1 @author 0m 0s The patch does not contain any @author tags. +1 tests included 0m 0s The patch appears to include 1 new or modified test files. +1 javac 7m 36s There were no new javac warning messages. +1 javadoc 9m 34s There were no new javadoc warning messages. +1 release audit 0m 23s The applied patch does not increase the total number of release audit warnings. +1 checkstyle 0m 22s There were no new checkstyle issues. +1 whitespace 0m 0s The patch has no lines that end in whitespace. +1 install 1m 21s mvn install still works. +1 eclipse:eclipse 0m 33s The patch built with eclipse:eclipse. +1 findbugs 0m 42s The patch does not introduce any new Findbugs (version 3.0.0) warnings. +1 common tests 5m 18s Tests passed in hadoop-auth.     41m 25s   Subsystem Report/Notes Patch URL http://issues.apache.org/jira/secure/attachment/12744859/HADOOP-12050.003.patch Optional Tests javadoc javac unit findbugs checkstyle git revision trunk / 47f4c54 hadoop-auth test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7238/artifact/patchprocess/testrun_hadoop-auth.txt Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7238/testReport/ Java 1.7.0_55 uname Linux asf903.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7238/console This message was automatically generated.
          Hide
          hzlu Huizhi Lu added a comment -

          Created 4 situations in the test case.

          Show
          hzlu Huizhi Lu added a comment - Created 4 situations in the test case.
          Hide
          hzlu Huizhi Lu added a comment -

          No problem. Will do.

          On Thu, Jun 25, 2015 at 5:05 PM, Benoy Antony (JIRA) <jira@apache.org>

          Show
          hzlu Huizhi Lu added a comment - No problem. Will do. On Thu, Jun 25, 2015 at 5:05 PM, Benoy Antony (JIRA) <jira@apache.org>
          Hide
          benoyantony Benoy Antony added a comment -

          Thanks for working on this, Huizhi Lu . A few comments on the patch.

          1. Please add test cases to test the following scenarios
          a. Both expiry period and InActiveInterval are not reached.
          b. Expiry period is reached, InActiveInterval is not reached
          c. Expiry period is not reached, InActiveInterval is reached
          d. Both expiry period and InActiveInterval are reached.

          2. Update the http auth documentation with enhancements introduced in HADOOP-12049 and HADOOP-12050.

          3. A nit: change maxInactive to maxInActive (camel case).

          Show
          benoyantony Benoy Antony added a comment - Thanks for working on this, Huizhi Lu . A few comments on the patch. 1. Please add test cases to test the following scenarios a. Both expiry period and InActiveInterval are not reached. b. Expiry period is reached, InActiveInterval is not reached c. Expiry period is not reached, InActiveInterval is reached d. Both expiry period and InActiveInterval are reached. 2. Update the http auth documentation with enhancements introduced in HADOOP-12049 and HADOOP-12050 . 3. A nit: change maxInactive to maxInActive (camel case).
          Hide
          hadoopqa Hadoop QA added a comment -



          +1 overall



          Vote Subsystem Runtime Comment
          0 pre-patch 15m 8s Pre-patch trunk compilation is healthy.
          +1 @author 0m 0s The patch does not contain any @author tags.
          +1 tests included 0m 0s The patch appears to include 1 new or modified test files.
          +1 javac 7m 30s There were no new javac warning messages.
          +1 javadoc 9m 39s There were no new javadoc warning messages.
          +1 release audit 0m 21s The applied patch does not increase the total number of release audit warnings.
          +1 checkstyle 0m 21s There were no new checkstyle issues.
          +1 whitespace 0m 0s The patch has no lines that end in whitespace.
          +1 install 1m 34s mvn install still works.
          +1 eclipse:eclipse 0m 34s The patch built with eclipse:eclipse.
          +1 findbugs 0m 42s The patch does not introduce any new Findbugs (version 3.0.0) warnings.
          +1 common tests 5m 19s Tests passed in hadoop-auth.
              41m 11s  



          Subsystem Report/Notes
          Patch URL http://issues.apache.org/jira/secure/attachment/12741920/HADOOP-12050.002.patch
          Optional Tests javadoc javac unit findbugs checkstyle
          git revision trunk / aa5b15b
          hadoop-auth test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7042/artifact/patchprocess/testrun_hadoop-auth.txt
          Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7042/testReport/
          Java 1.7.0_55
          uname Linux asf906.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
          Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7042/console

          This message was automatically generated.

          Show
          hadoopqa Hadoop QA added a comment - +1 overall Vote Subsystem Runtime Comment 0 pre-patch 15m 8s Pre-patch trunk compilation is healthy. +1 @author 0m 0s The patch does not contain any @author tags. +1 tests included 0m 0s The patch appears to include 1 new or modified test files. +1 javac 7m 30s There were no new javac warning messages. +1 javadoc 9m 39s There were no new javadoc warning messages. +1 release audit 0m 21s The applied patch does not increase the total number of release audit warnings. +1 checkstyle 0m 21s There were no new checkstyle issues. +1 whitespace 0m 0s The patch has no lines that end in whitespace. +1 install 1m 34s mvn install still works. +1 eclipse:eclipse 0m 34s The patch built with eclipse:eclipse. +1 findbugs 0m 42s The patch does not introduce any new Findbugs (version 3.0.0) warnings. +1 common tests 5m 19s Tests passed in hadoop-auth.     41m 11s   Subsystem Report/Notes Patch URL http://issues.apache.org/jira/secure/attachment/12741920/HADOOP-12050.002.patch Optional Tests javadoc javac unit findbugs checkstyle git revision trunk / aa5b15b hadoop-auth test log https://builds.apache.org/job/PreCommit-HADOOP-Build/7042/artifact/patchprocess/testrun_hadoop-auth.txt Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/7042/testReport/ Java 1.7.0_55 uname Linux asf906.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/7042/console This message was automatically generated.
          Hide
          hadoopqa Hadoop QA added a comment -



          -1 overall



          Vote Subsystem Runtime Comment
          0 pre-patch 22m 2s Pre-patch trunk compilation is healthy.
          +1 @author 0m 0s The patch does not contain any @author tags.
          +1 tests included 0m 0s The patch appears to include 3 new or modified test files.
          +1 javac 9m 8s There were no new javac warning messages.
          -1 javadoc 11m 26s The applied patch generated 2 additional warning messages.
          +1 release audit 0m 23s The applied patch does not increase the total number of release audit warnings.
          -1 checkstyle 1m 7s The applied patch generated 20 new checkstyle issues (total was 68, now 88).
          -1 whitespace 0m 1s The patch has 1 line(s) that end in whitespace. Use git apply --whitespace=fix.
          +1 install 1m 35s mvn install still works.
          +1 eclipse:eclipse 0m 32s The patch built with eclipse:eclipse.
          +1 findbugs 2m 33s The patch does not introduce any new Findbugs (version 3.0.0) warnings.
          -1 common tests 5m 18s Tests failed in hadoop-auth.
          -1 common tests 37m 52s Tests failed in hadoop-common.
              92m 23s  



          Reason Tests
          Failed unit tests hadoop.security.authentication.server.TestAuthenticationFilter
          Timed out tests org.apache.hadoop.http.TestAuthenticationSessionCookie



          Subsystem Report/Notes
          Patch URL http://issues.apache.org/jira/secure/attachment/12739440/Enable-MaxInactiveInterval-for-hadoop-http-auth-toke.patch
          Optional Tests javadoc javac unit findbugs checkstyle
          git revision trunk / 04c9a07
          javadoc https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/artifact/patchprocess/diffJavadocWarnings.txt
          checkstyle https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/artifact/patchprocess/diffcheckstylehadoop-auth.txt
          whitespace https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/artifact/patchprocess/whitespace.txt
          hadoop-auth test log https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/artifact/patchprocess/testrun_hadoop-auth.txt
          hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/artifact/patchprocess/testrun_hadoop-common.txt
          Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/testReport/
          Java 1.7.0_55
          uname Linux asf903.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
          Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/console

          This message was automatically generated.

          Show
          hadoopqa Hadoop QA added a comment - -1 overall Vote Subsystem Runtime Comment 0 pre-patch 22m 2s Pre-patch trunk compilation is healthy. +1 @author 0m 0s The patch does not contain any @author tags. +1 tests included 0m 0s The patch appears to include 3 new or modified test files. +1 javac 9m 8s There were no new javac warning messages. -1 javadoc 11m 26s The applied patch generated 2 additional warning messages. +1 release audit 0m 23s The applied patch does not increase the total number of release audit warnings. -1 checkstyle 1m 7s The applied patch generated 20 new checkstyle issues (total was 68, now 88). -1 whitespace 0m 1s The patch has 1 line(s) that end in whitespace. Use git apply --whitespace=fix. +1 install 1m 35s mvn install still works. +1 eclipse:eclipse 0m 32s The patch built with eclipse:eclipse. +1 findbugs 2m 33s The patch does not introduce any new Findbugs (version 3.0.0) warnings. -1 common tests 5m 18s Tests failed in hadoop-auth. -1 common tests 37m 52s Tests failed in hadoop-common.     92m 23s   Reason Tests Failed unit tests hadoop.security.authentication.server.TestAuthenticationFilter Timed out tests org.apache.hadoop.http.TestAuthenticationSessionCookie Subsystem Report/Notes Patch URL http://issues.apache.org/jira/secure/attachment/12739440/Enable-MaxInactiveInterval-for-hadoop-http-auth-toke.patch Optional Tests javadoc javac unit findbugs checkstyle git revision trunk / 04c9a07 javadoc https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/artifact/patchprocess/diffJavadocWarnings.txt checkstyle https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/artifact/patchprocess/diffcheckstylehadoop-auth.txt whitespace https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/artifact/patchprocess/whitespace.txt hadoop-auth test log https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/artifact/patchprocess/testrun_hadoop-auth.txt hadoop-common test log https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/artifact/patchprocess/testrun_hadoop-common.txt Test Results https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/testReport/ Java 1.7.0_55 uname Linux asf903.gq1.ygridcore.net 3.13.0-36-lowlatency #63-Ubuntu SMP PREEMPT Wed Sep 3 21:56:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Console output https://builds.apache.org/job/PreCommit-HADOOP-Build/6966/console This message was automatically generated.
          Hide
          hzlu Huizhi Lu added a comment -

          This is the correct one, combining HADOOP-12049 & HADOOP-12050.

          Show
          hzlu Huizhi Lu added a comment - This is the correct one, combining HADOOP-12049 & HADOOP-12050 .
          Hide
          hzlu Huizhi Lu added a comment -

          Patch for Enable-MaxInactiveInterval-for-hadoop-http-auth-toke

          Show
          hzlu Huizhi Lu added a comment - Patch for Enable-MaxInactiveInterval-for-hadoop-http-auth-toke

            People

            • Assignee:
              hzlu Huizhi Lu
              Reporter:
              benoyantony Benoy Antony
            • Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development