[HADOOP-14146] KerberosAuthenticationHandler should authenticate with SPN in AP-REQ - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.5.0
Fix Version/s: 2.9.0, 3.0.0-alpha4, 2.8.2
Component/s: security
Labels:
None

Target Version/s:

2.8.1
Hadoop Flags:

Reviewed

Description

Many attempts (~~HADOOP-10158~~, ~~HADOOP-11628~~, ~~HADOOP-13565~~) have tried to add multiple SPN host and/or realm support to spnego authentication. The basic problem is the server tries to guess and/or brute force what SPN the client used. The server should just decode the SPN from the AP-REQ.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-14146.1.patch
07/Mar/17 14:19
28 kB
Daryn Sharp
HADOOP-14146.2.patch
05/Jun/17 15:00
27 kB
Daryn Sharp
HADOOP-14146.3.patch
08/Jun/17 16:12
27 kB
Daryn Sharp
HADOOP-14146.addendum.patch
23/Jun/17 13:31
0.8 kB
Daryn Sharp
HADOOP-14146.branch-2.test-import.patch
23/Jun/17 17:40
1 kB
Daryn Sharp
HADOOP-14146.patch
03/Mar/17 22:49
28 kB
Daryn Sharp

Activity

People

Assignee:: Daryn Sharp

Reporter:: Daryn Sharp

Votes:: 0 Vote for this issue

Watchers:: 14 Start watching this issue

Dates

Created:: 03/Mar/17 22:17

Updated:: 23/Jun/17 18:31

Resolved:: 23/Jun/17 18:31