You are viewing a plain text version of this content. The canonical link for it is here.

Posted to yarn-issues@hadoop.apache.org by "Gergely Novák (JIRA)" <ji...@apache.org> on 2018/05/16 11:58:00 UTC

[jira] [Commented] (YARN-8277) [UI2] Changing the user name for service in the new UI does not update the hadoop.auth cookie

    [ https://issues.apache.org/jira/browse/YARN-8277?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16477302#comment-16477302 ] 

Gergely Novák commented on YARN-8277:
-------------------------------------

Additional info: the hadoop.auth cookie is HttpOnly, so I can't simply delete it from client side..

> [UI2] Changing the user name for service in the new UI does not update the hadoop.auth cookie
> ---------------------------------------------------------------------------------------------
>
>                 Key: YARN-8277
>                 URL: https://issues.apache.org/jira/browse/YARN-8277
>             Project: Hadoop YARN
>          Issue Type: Bug
>          Components: yarn-ui-v2
>            Reporter: Gergely Novák
>            Priority: Major
>
> Steps to reproduce:
> 1) Click on "New Service" on the new YARN UI.
> 2) Provide an invalid, not existing user (e.g. "invalid").
> 3) Provide a service definition (e.g. sleeper) via the form or json.
> 4) Press deploy.
> 5) Response: Error: Adapter operation failed. With developer tools you can check that {{/app/v1/services/?user.name=invalid}} gave a 403 status code with this diagnostic message:
> {code}
> "Permission denied: user=invalid, access=EXECUTE, ...
> {code}
> 6) Fix the user name, provide an existing user.
> 7) Press deploy.
> Expected behaviour: the user should successfully deploy the service.
> Current behaviour: The error response is the same.
> Root cause: The query parameter of the new request is correct ({{?user.name=existing_user}}), however the hadoop.auth cookie is the old one: {{"u=invalid&p=invalid&t=simple-dt&e=1526073119565...}}. Thus the request will fail with the same "Permission denied" error. 
> The only workaround for the user to fix this is to clear the hadoop.auth cookie from the browser. 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: yarn-issues-help@hadoop.apache.org