[
https://issues.apache.org/jira/browse/HADOOP-10709?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14353875#comment-14353875
]
Ryan Sasson commented on HADOOP-10709:
--------------------------------------
Hi all, I am Allen's colleague at Altiscale and have been part of the custom
authentication effort. I have tried to apply the patch but have not been
successful, the patch is attempting to change a method (in particular
getFilterHolder()) that does not exist in trunk or other recent branches I have
checked. I manually added the method and saw a null pointer exception when
starting WebHDFS on the Namenode because no method is called before to populate
the filters map object.
Additionally, this won't fix the problem described in HDFS-5796. As Allen
mentioned in a comment on the ticket, initializing WebHDFS with a subclass of
AltKerberosAuthenticationHandler is broken because all filter parameters don't
get passed down and it does not read the cookie signature secret file. This
problem stems from the getAuthFilterParams() method and it is still being used
in this patch.
> Reuse Filters across web apps
> -----------------------------
>
> Key: HADOOP-10709
> URL: https://issues.apache.org/jira/browse/HADOOP-10709
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Benoy Antony
> Assignee: Benoy Antony
> Attachments: HADOOP-10709-002.patch, HADOOP-10709.patch
>
>
> Currently, we need to define separate authentication filters for webhdfs and
> general webui. This also involves defining parameters for those filters.
> It will be better if one could reuse filters for web apps if desired.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
