Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-8314

HttpServer#hasAdminAccess should return false if authorization is enabled but user is not authenticated

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.1.0, 2.0.0-alpha, 3.0.0-alpha1
    • Fix Version/s: 1.1.0, 2.0.0-alpha
    • Component/s: security
    • Labels:
      None
    • Hadoop Flags:
      Incompatible change, Reviewed

      Description

      If the user is not authenticated (request.getRemoteUser() returns NULL) or there is not authentication filter configured (thus returning also NULL), hasAdminAccess should return false. Note that a filter could allow anonymous access, thus the first case.

        Attachments

        1. HADOOP-8314_branch-1.patch
          5 kB
          Alejandro Abdelnur
        2. HADOOP-8314.patch
          5 kB
          Alejandro Abdelnur
        3. HADOOP-8314.patch
          5 kB
          Alejandro Abdelnur

          Activity

            People

            • Assignee:
              tucu00 Alejandro Abdelnur
              Reporter:
              tucu00 Alejandro Abdelnur
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: