Uploaded image for project: 'IMPALA'
  1. IMPALA
  2. IMPALA-9423

Fix cookie auth with Knox

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: Impala 3.4.0
    • Component/s: Clients
    • Labels:
      None
    • Epic Color:
      ghx-label-2

      Description

      When Apache Knox is being used to proxy connections to Impala, it used to be the case that Knox would return the authentication cookies generated by Impala, saving extra round trips and authentications to Kerberos/LDAP.

      This was broken by KNOX-2223 - Knox only returns auth cookies that it thinks are for it, which it determines by checking for its Kerberos principal in the cookie string. With KNOX-2223, the principal is expected to be preceded by a '=', which Impala doesn't do.

        Attachments

          Activity

            People

            • Assignee:
              twmarshall Thomas Tauber-Marshall
              Reporter:
              twmarshall Thomas Tauber-Marshall
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: