You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@oozie.apache.org by "Hadoop QA (JIRA)" <ji...@apache.org> on 2011/09/08 06:25:09 UTC
[jira] [Created] (OOZIE-77) GH-35: Oozie should support Kerberos
authentication on its HTTP REST API
GH-35: Oozie should support Kerberos authentication on its HTTP REST API
------------------------------------------------------------------------
Key: OOZIE-77
URL: https://issues.apache.org/jira/browse/OOZIE-77
Project: Oozie
Issue Type: Bug
Reporter: Hadoop QA
The correct way of doing this would be using an SPNEGO filter on the server side.
Ideally authentication should be plugglable, allowing support for cookie based auth, certs, etc.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-77) GH-35: Oozie should support Kerberos
authentication on its HTTP REST API
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-77?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13101742#comment-13101742 ]
Hadoop QA commented on OOZIE-77:
--------------------------------
anew remarked:
Hi Tucu,
you had posted a patch/pr for this earlier but it seems that you have removed that in the meantime. Could you please post that again? I would like to compare it to the patch that Angelo submitted, so that we can can find a common denominator.
Thanks -Andreas.
> GH-35: Oozie should support Kerberos authentication on its HTTP REST API
> ------------------------------------------------------------------------
>
> Key: OOZIE-77
> URL: https://issues.apache.org/jira/browse/OOZIE-77
> Project: Oozie
> Issue Type: Bug
> Reporter: Hadoop QA
> Assignee: Roman Shaposhnik
>
> The correct way of doing this would be using an SPNEGO filter on the server side.
> Ideally authentication should be plugglable, allowing support for cookie based auth, certs, etc.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (OOZIE-77) GH-35: Oozie should support Kerberos
authentication on its HTTP REST API
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-77?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Hadoop QA resolved OOZIE-77.
----------------------------
Resolution: Fixed
> GH-35: Oozie should support Kerberos authentication on its HTTP REST API
> ------------------------------------------------------------------------
>
> Key: OOZIE-77
> URL: https://issues.apache.org/jira/browse/OOZIE-77
> Project: Oozie
> Issue Type: Bug
> Reporter: Hadoop QA
>
> The correct way of doing this would be using an SPNEGO filter on the server side.
> Ideally authentication should be plugglable, allowing support for cookie based auth, certs, etc.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Reopened] (OOZIE-77) GH-35: Oozie should support Kerberos
authentication on its HTTP REST API
Posted by "Roman Shaposhnik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-77?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Roman Shaposhnik reopened OOZIE-77:
-----------------------------------
Assignee: Roman Shaposhnik
> GH-35: Oozie should support Kerberos authentication on its HTTP REST API
> ------------------------------------------------------------------------
>
> Key: OOZIE-77
> URL: https://issues.apache.org/jira/browse/OOZIE-77
> Project: Oozie
> Issue Type: Bug
> Reporter: Hadoop QA
> Assignee: Roman Shaposhnik
>
> The correct way of doing this would be using an SPNEGO filter on the server side.
> Ideally authentication should be plugglable, allowing support for cookie based auth, certs, etc.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-77) GH-35: Oozie should support Kerberos
authentication on its HTTP REST API
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-77?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13101740#comment-13101740 ]
Hadoop QA commented on OOZIE-77:
--------------------------------
tucu00 remarked:
That would be good if they support Kerberos SPENGO.
> GH-35: Oozie should support Kerberos authentication on its HTTP REST API
> ------------------------------------------------------------------------
>
> Key: OOZIE-77
> URL: https://issues.apache.org/jira/browse/OOZIE-77
> Project: Oozie
> Issue Type: Bug
> Reporter: Hadoop QA
> Assignee: Roman Shaposhnik
>
> The correct way of doing this would be using an SPNEGO filter on the server side.
> Ideally authentication should be plugglable, allowing support for cookie based auth, certs, etc.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-77) GH-35: Oozie should support Kerberos
authentication on its HTTP REST API
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-77?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13099774#comment-13099774 ]
Hadoop QA commented on OOZIE-77:
--------------------------------
toddlipcon remarked:
Hopefully this can use the same servletfilter plugins as hadoop core.
> GH-35: Oozie should support Kerberos authentication on its HTTP REST API
> ------------------------------------------------------------------------
>
> Key: OOZIE-77
> URL: https://issues.apache.org/jira/browse/OOZIE-77
> Project: Oozie
> Issue Type: Bug
> Reporter: Hadoop QA
>
> The correct way of doing this would be using an SPNEGO filter on the server side.
> Ideally authentication should be plugglable, allowing support for cookie based auth, certs, etc.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-77) GH-35: Oozie should support Kerberos
authentication on its HTTP REST API
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-77?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13101741#comment-13101741 ]
Hadoop QA commented on OOZIE-77:
--------------------------------
tucu00 remarked:
Given the current developments, I'll remove the 2.3 tag from this issue as it will not make it to the 2.3 release.
-----------
From: Alejandro Abdelnur
Date: Thu, Dec 9, 2010 at 1:06 PM
Thanks for the answer.
This means that Yahoo will not be contributing the Kerberos/SPNEGO patch for the Oozie 2.3 release scheduled to feature freeze on December 10th.
I'll C&P this email to issue GH-0035.
I'll also proceed to create an issue for branching 2.3 in preparation for feature freeze.
Alejandro
> On Thu, Dec 9, 2010 at 9:06 AM, Mohammad Islam wrote:
>
> Hi,
> Oozie team at Yahoo has decided to add an authenticator module that would allow
> user to plug-in any custom authenticator provider (such as Kerberos). Basically user
> has to implement his custom authenticator provider and configure oozie server
> accordingly. In this case, oozie server doesn’t require any rebuilding. Angelo will
> soon commence a discussion of this pluggable approach in this group.
>
> In short, this is the high-level plan:
> Yahoo will provide a basic framework where any custom authenticator module
> could be plugged. In addition, Yahoo will provide a no-op authenticator module (as
> an example) that could be used as default provider. This example will assist in
> writing any custom authenticator provider. As soon as the implementation details
> discussion closes, oozie team at yahoo will commit the code.
> Another custom implementation for kerberos-based authenticator provider might be > available later.
>
> Regards,
> Mohammad
> GH-35: Oozie should support Kerberos authentication on its HTTP REST API
> ------------------------------------------------------------------------
>
> Key: OOZIE-77
> URL: https://issues.apache.org/jira/browse/OOZIE-77
> Project: Oozie
> Issue Type: Bug
> Reporter: Hadoop QA
> Assignee: Roman Shaposhnik
>
> The correct way of doing this would be using an SPNEGO filter on the server side.
> Ideally authentication should be plugglable, allowing support for cookie based auth, certs, etc.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira