Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-12050

Enable MaxInactiveInterval for hadoop http auth token

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.7.1
    • 2.8.0, 3.0.0-alpha1
    • security
    • None

    Description

      During http authentication, a cookie which contains the authentication token is dropped. The expiry time of the authentication token can be configured via hadoop.http.authentication.token.validity. The default value is 10 hours.

      For clusters which require enhanced security, it is desirable to have a configurable MaxInActiveInterval for the authentication token. If there is no activity during MaxInActiveInterval, the authentication token will be invalidated.

      The MaxInActiveInterval will be less than hadoop.http.authentication.token.validity. The default value will be 30 minutes.

      Attachments

        1. HADOOP-12050.003.patch
          15 kB
          Huizhi Lu
        2. HADOOP-12050.004.patch
          24 kB
          Huizhi Lu

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            hzlu Huizhi Lu
            benoyantony Benoy Antony
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Issue deployment