You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@impala.apache.org by "Thomas Tauber-Marshall (Jira)" <ji...@apache.org> on 2019/10/09 00:29:00 UTC

[jira] [Resolved] (IMPALA-8898) Delete cookies on 401

     [ https://issues.apache.org/jira/browse/IMPALA-8898?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Thomas Tauber-Marshall resolved IMPALA-8898.
--------------------------------------------
    Fix Version/s: Impala 3.4.0
       Resolution: Fixed

> Delete cookies on 401
> ---------------------
>
>                 Key: IMPALA-8898
>                 URL: https://issues.apache.org/jira/browse/IMPALA-8898
>             Project: IMPALA
>          Issue Type: Improvement
>          Components: Clients
>    Affects Versions: Impala 3.4.0
>            Reporter: Thomas Tauber-Marshall
>            Assignee: Thomas Tauber-Marshall
>            Priority: Critical
>             Fix For: Impala 3.4.0
>
>
> IMPALA-8584 added support for cookie based authentication over the hs2 http server. When we return a 401 from there, we should also delete the cookie by returning a cookie with an empty value and an expiration time in the past.
> This helps ensure clients don't attempt to authenticate with the same invalid cookie multiple times.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)