You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Phil Zampino (JIRA)" <ji...@apache.org> on 2018/02/28 19:48:00 UTC
[jira] [Commented] (KNOX-1196) Caching HS2 auth cookies causes
errors when the HS2 is restarted
[ https://issues.apache.org/jira/browse/KNOX-1196?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16380941#comment-16380941 ]
Phil Zampino commented on KNOX-1196:
------------------------------------
The root of the problem here is that Knox has no way of knowing that the hive.server2.auth cookie is invalid. HS2 returns a vague HTTP 500 response, rather than something more appropriate (e.g., 401) indicating that it's an authentication issue.
> Caching HS2 auth cookies causes errors when the HS2 is restarted
> ----------------------------------------------------------------
>
> Key: KNOX-1196
> URL: https://issues.apache.org/jira/browse/KNOX-1196
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 0.14.0, 1.0.0
> Reporter: Phil Zampino
> Assignee: Phil Zampino
> Priority: Major
> Fix For: 1.1.0
>
> Attachments: KNOX-1196.patch
>
>
> HiveServer2 signs their auth cookies; when HS2 is restarted, previously-signed cookies are no longer valid. Knox is caching them via the HttpClient HadoopAuthCookieStore, and this causes failures after the HS2 restart. Knox must clear the previous cookies.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)