Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-13105

Support timeouts in LDAP queries in LdapGroupsMapping.

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 2.8.0, 3.0.0-alpha1, 2.7.6
    • security
    • None
    • Reviewed
    • Hide
      This patch adds two new config keys for supporting timeouts in LDAP query operations. The property "hadoop.security.group.mapping.ldap.connection.timeout.ms" is the connection timeout (in milliseconds), within which period if the LDAP provider doesn't establish a connection, it will abort the connect attempt. The property "hadoop.security.group.mapping.ldap.read.timeout.ms" is the read timeout (in milliseconds), within which period if the LDAP provider doesn't get a LDAP response, it will abort the read attempt.
      Show
      This patch adds two new config keys for supporting timeouts in LDAP query operations. The property "hadoop.security.group.mapping.ldap.connection.timeout.ms" is the connection timeout (in milliseconds), within which period if the LDAP provider doesn't establish a connection, it will abort the connect attempt. The property "hadoop.security.group.mapping.ldap.read.timeout.ms" is the read timeout (in milliseconds), within which period if the LDAP provider doesn't get a LDAP response, it will abort the read attempt.

    Description

      LdapGroupsMapping currently does not set timeouts on the LDAP queries. This can create a risk of a very long/infinite wait on a connection.

      Attachments

        1. HADOOP-13105.000.patch
          4 kB
          Mingliang Liu
        2. HADOOP-13105.001.patch
          10 kB
          Mingliang Liu
        3. HADOOP-13105.002.patch
          9 kB
          Mingliang Liu
        4. HADOOP-13105.003.patch
          10 kB
          Mingliang Liu
        5. HADOOP-13105.004.patch
          10 kB
          Mingliang Liu

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            liuml07 Mingliang Liu
            cnauroth Chris Nauroth
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment