You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Benoy Antony (JIRA)" <ji...@apache.org> on 2015/06/02 01:12:18 UTC

[jira] [Created] (HADOOP-12050) Enable MaxInactiveInterval for hadoop http auth token

Benoy Antony created HADOOP-12050:
-------------------------------------

             Summary: Enable MaxInactiveInterval for hadoop http auth token
                 Key: HADOOP-12050
                 URL: https://issues.apache.org/jira/browse/HADOOP-12050
             Project: Hadoop Common
          Issue Type: Improvement
          Components: security
            Reporter: Benoy Antony
            Assignee: Benoy Antony


During http authentication, a cookie which contains the authentication token is dropped. The expiry time of the authentication token can be configured via hadoop.http.authentication.token.validity. The default value is 10 hours.

For clusters which require enhanced security, it is desirable to have a configurable MaxInActiveInterval for the authentication token. If there is no activity during MaxInActiveInterval, the authentication token will be invalidated. 

The MaxInActiveInterval will be less than hadoop.http.authentication.token.validity. The default value will be 30 minutes.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)