Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-12050

Enable MaxInactiveInterval for hadoop http auth token

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.7.1
    • Fix Version/s: 2.8.0, 3.0.0-alpha1
    • Component/s: security
    • Labels:
      None

      Description

      During http authentication, a cookie which contains the authentication token is dropped. The expiry time of the authentication token can be configured via hadoop.http.authentication.token.validity. The default value is 10 hours.

      For clusters which require enhanced security, it is desirable to have a configurable MaxInActiveInterval for the authentication token. If there is no activity during MaxInActiveInterval, the authentication token will be invalidated.

      The MaxInActiveInterval will be less than hadoop.http.authentication.token.validity. The default value will be 30 minutes.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                hzlu H Lu
                Reporter:
                benoyantony Benoy Antony
              • Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: