You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Eric Yang (JIRA)" <ji...@apache.org> on 2019/01/28 17:36:01 UTC
[jira] [Comment Edited] (HADOOP-16076) SPNEGO+SSL Client
Connections with HttpClient Broken
[ https://issues.apache.org/jira/browse/HADOOP-16076?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16754167#comment-16754167 ]
Eric Yang edited comment on HADOOP-16076 at 1/28/19 5:35 PM:
-------------------------------------------------------------
Patch 01 doesn't apply on trunk. The dependency is specified in hadoop-project/pom.xml instead of top level pom.
was (Author: eyang):
+1
> SPNEGO+SSL Client Connections with HttpClient Broken
> ----------------------------------------------------
>
> Key: HADOOP-16076
> URL: https://issues.apache.org/jira/browse/HADOOP-16076
> Project: Hadoop Common
> Issue Type: Bug
> Components: build, security
> Affects Versions: 3.2.0
> Reporter: Larry McCay
> Assignee: Larry McCay
> Priority: Major
> Attachments: HADOOP-16076-01.patch
>
>
> Client connections with HttpClient to a SPNEGO secured endpoint with TLS enabled break due to a misrepresentation of the SPN to include HTTPS instead of just HTTP.
> The current use of HTTPClient 4.5.2 is affected by HTTPCLIENT-1712 and breaks SPNEGO with HTTPS endpoints since it include the httpS in the principal name.
> We need to migrate to at least 4.5.3 as we have tested with that version and observed it fixing the issue. Need to do some due diligence to determine the cleanest version to upgrade to but will provide a patch in a day or so.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org