Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-16076

SPNEGO+SSL Client Connections with HttpClient Broken

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.2.0
    • Fix Version/s: 3.3.0, 3.2.1
    • Component/s: build, security
    • Labels:
      None

      Description

      Client connections with HttpClient to a SPNEGO secured endpoint with TLS enabled break due to a misrepresentation of the SPN to include HTTPS instead of just HTTP.

      The current use of HTTPClient 4.5.2 is affected by HTTPCLIENT-1712 and breaks SPNEGO with HTTPS endpoints since it include the httpS in the principal name.

      We need to migrate to at least 4.5.3 as we have tested with that version and observed it fixing the issue. Need to do some due diligence to determine the cleanest version to upgrade to but will provide a patch in a day or so.

        Attachments

        1. HADOOP-16076-01.patch
          0.5 kB
          Larry McCay

        Issue Links

          Activity

            People

            • Assignee:
              lmccay Larry McCay
              Reporter:
              lmccay Larry McCay

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment