You are viewing a plain text version of this content. The canonical link for it is here.

Posted to mapreduce-issues@hadoop.apache.org by "Jonathan Eagles (Updated) (JIRA)" <ji...@apache.org> on 2012/02/17 23:50:57 UTC

[jira] [Updated] (MAPREDUCE-3878) Null user on filtered jobhistory job page

     [ https://issues.apache.org/jira/browse/MAPREDUCE-3878?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jonathan Eagles updated MAPREDUCE-3878:
---------------------------------------

    Description: If jobhistory/job.* is filtered to bypass acl, resulting page will always show Null user. This differs from 0.20 where filtering on this page, bypasses security to allow all access to the page. essentially passes a null user to AppController where an exception is thrown. If a null user is detected, we should acl checking is disabled on this page.  (was: If jobhistory/job.* is included in the byauth.bypass.paths. URL will always show Null user. This differs from 0.20 where this setting disables security on this page. Bypassing the filter essentially passes a null user to AppController where an exception is thrown. If a null user is detected, we should assume security is disabled on this page.)
        Summary: Null user on filtered jobhistory job page  (was: byauth bypass paths doesn't work on jobhistory job page)
    
> Null user on filtered jobhistory job page
> -----------------------------------------
>
>                 Key: MAPREDUCE-3878
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-3878
>             Project: Hadoop Map/Reduce
>          Issue Type: Bug
>          Components: mrv2
>    Affects Versions: 0.23.1
>            Reporter: Jonathan Eagles
>            Assignee: Jonathan Eagles
>            Priority: Critical
>         Attachments: MAPREDUCE-3878.patch
>
>
> If jobhistory/job.* is filtered to bypass acl, resulting page will always show Null user. This differs from 0.20 where filtering on this page, bypasses security to allow all access to the page. essentially passes a null user to AppController where an exception is thrown. If a null user is detected, we should acl checking is disabled on this page.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira