Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-8465

hadoop-auth should support ephemeral authentication

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.0.0-alpha
    • 2.0.2-alpha
    • security
    • None
    • Reviewed

    Description

      Currently, once a client is authenticated the generated authentication-token (& cookie) are valid for a given (service configurable) lifespan.

      Once the authentication-token (& cookie) is issued, the authentication logic will not be triggered until the authentication-token expires.

      This behavior does not work well with delegation tokens expected behavior where delegation tokens can be canceled at any time.

      Having ephemeral authentication (which is check on every request) would address this issue.

      Attachments

        1. HADOOP-8465.patch
          10 kB
          Alejandro Abdelnur
        2. HADOOP-8465.patch
          9 kB
          Alejandro Abdelnur

        Issue Links

          depends upon

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-8458 Add management hook to AuthenticationHandler to enable delegation token operations support

          • Major - Major loss of function.
          • Closed
          is required by

          New Feature - A new feature of the product, which has yet to be developed. HDFS-3113 httpfs does not support delegation tokens

          • Major - Major loss of function.
          • Closed

          Activity

            People

              tucu00 Alejandro Abdelnur
              tucu00 Alejandro Abdelnur
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: