You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Allen Wittenauer (JIRA)" <ji...@apache.org> on 2012/11/17 21:38:12 UTC
[jira] [Commented] (HADOOP-9054) Add AuthenticationHandler that
uses Kerberos but allows for an alternate form of authentication for
browsers
[ https://issues.apache.org/jira/browse/HADOOP-9054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13499512#comment-13499512 ]
Allen Wittenauer commented on HADOOP-9054:
------------------------------------------
On the Hadoop side, the authentication handler is already plug-able. So it looks like you want to make them chain-able? Also keep in mind that on the Hadoop-side, the user is going to get bounced around a lot. As a result, this means they might need to re-authenticate on every host if one isn't careful about the implementation.
> Add AuthenticationHandler that uses Kerberos but allows for an alternate form of authentication for browsers
> ------------------------------------------------------------------------------------------------------------
>
> Key: HADOOP-9054
> URL: https://issues.apache.org/jira/browse/HADOOP-9054
> Project: Hadoop Common
> Issue Type: New Feature
> Components: security
> Reporter: Robert Kanter
> Assignee: Robert Kanter
> Fix For: 1.2.0, 2.0.3-alpha
>
>
> It would be useful for some Oozie users if, when using Kerberos, that browser access to the oozie web UI could be authenticated in a different way (w/o Kerberos). This may be useful for other projects using Hadoop-Auth, so this feature is to add a new AuthenticationHandler that uses Kerberos by default, unless a browser (user-agents are configurable) is used, in which case some other form of authentication can be used.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira