[HADOOP-16076] SPNEGO+SSL Client Connections with HttpClient Broken - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 3.2.0
Fix Version/s: 3.3.0, 3.2.1
Component/s: build, security
Labels:
None

Description

Client connections with HttpClient to a SPNEGO secured endpoint with TLS enabled break due to a misrepresentation of the SPN to include HTTPS instead of just HTTP.

The current use of HTTPClient 4.5.2 is affected by ~~HTTPCLIENT-1712~~ and breaks SPNEGO with HTTPS endpoints since it include the httpS in the principal name.

We need to migrate to at least 4.5.3 as we have tested with that version and observed it fixing the issue. Need to do some due diligence to determine the cleanest version to upgrade to but will provide a patch in a day or so.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-16076-01.patch
28/Jan/19 20:47
0.5 kB
Larry McCay

Issue Links

is depended upon by

HADOOP-9991 Fix up Hadoop POMs, roll up JARs to latest versions

Open

relates to

HIVE-21306 Upgrade HttpComponents to the latest versions similar to what Hadoop has done.

Closed

SPARK-22919 Bump Apache httpclient versions

Resolved

Activity

People

Assignee:: Larry McCay

Reporter:: Larry McCay

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 25/Jan/19 22:30

Updated:: 22/Feb/19 05:32

Resolved:: 04/Feb/19 17:41