[HADOOP-8855] SSL-based image transfer does not work when Kerberos is disabled - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 2.0.2-alpha, 3.0.0-alpha1
Fix Version/s: 2.0.3-alpha
Component/s: security
Labels:
None

Hadoop Flags:

Reviewed

Description

In SecurityUtil.openSecureHttpConnection, we first check UserGroupInformation.isSecurityEnabled(). However, this only checks the kerberos config, which is independent of hadoop.ssl.enabled. Instead, we should check HttpConfig.isSecure().

Credit to Wing Yew Poon for discovering this bug

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

hadoop-8855.txt
26/Sep/12 18:57
1.0 kB
Todd Lipcon
hadoop-8855.txt
26/Sep/12 21:10
6 kB
Todd Lipcon
hadoop-8855.txt
26/Sep/12 21:41
6 kB
Todd Lipcon

Issue Links

breaks

HADOOP-9899 Remove the debug message added by HADOOP-8855

Closed

is depended upon by

HADOOP-8883 Anonymous fallback in KerberosAuthenticator is broken

Closed

is related to

HADOOP-8859 Improve SecurityUtil#openSecureHttpConnection javadoc

Open

relates to

HADOOP-10078 KerberosAuthenticator always does SPNEGO

Closed

Activity

People

Assignee:: Todd Lipcon

Reporter:: Todd Lipcon

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Created:: 26/Sep/12 18:56

Updated:: 12/May/16 18:27

Resolved:: 27/Sep/12 05:09