hi,
i also meet this problem before,at last we give up the SPNEGO mode. we
overwrite the PseudoAuthenticationHandler.java .
@Override
public AuthenticationToken authenticate(HttpServletRequest request,
HttpServletResponse response) throws IOException,
AuthenticationException {
AuthenticationToken token = AuthenticationToken.ANONYMOUS;
String servletPath = request.getServletPath();
String method = request.getMethod();
String userName = request.getParameter("username");
String passWord = request.getParameter("password");
if (servletPath.equals(LOGIN_PAGE) && method.equals("GET")) {
return token;
}
if (userName != null) {
int checkFlag=checkPasswd(userName, passWord);
if (checkFlag==LOGIN_SUCCESS) {
token = AuthenticationToken.parse("u=" + userName + "&p="
+ userName + "&t=" + TYPE + "&e=-1");
} else {
response.sendRedirect(LOGIN_PAGE+"?checkFlag="+checkFlag);
// throw new AuthenticationException("passwd is not corret");
}
} else {
if (getAcceptAnonymous()) {
token = AuthenticationToken.ANONYMOUS;
} else {
response.sendRedirect(LOGIN_PAGE);
// AuthenticationException(" please login http://127.0.0.1:50070/login.html>");
}
}
return token;
}
and we config the web-control mode simple .
add a new login.html that request the user's username and passwd.
best wishes!
jeff
From: Artem Ervits
Date: 2012-08-10 02:45
To: [email protected]
Subject: Hadoop web interface authentication
Hello all,
I added the following setting
hadoop.http.authentication.simple.anonymous.allowed. Now when I try to login to
Web UI, I get 401 error unless I specify user.name=username. This is exactly
what I want but I noticed that I can pass any user name and it will work as
long as it is not null. What else am I missing from the core-site file to make
it work? Also, is there a way I can add a configuration so that a password
would be required to get access? I am aware of Kerberos authentication method
but I have it configured with Active directory and until I find the correct
location of the keytab, I can't use it.
Thanks all.
Artem Ervits
Data Analyst
New York Presbyterian Hospital
________________________________
This electronic message is intended to be for the use only of the named
recipient, and may contain information that is confidential or privileged. If
you are not the intended recipient, you are hereby notified that any
disclosure, copying, distribution or use of the contents of this message is
strictly prohibited. If you have received this message in error or are not the
named recipient, please notify us immediately by contacting the sender at the
electronic mail address noted above, and delete and destroy all copies of this
message. Thank you.
--------------------
This electronic message is intended to be for the use only of the named
recipient, and may contain information that is confidential or privileged. If
you are not the intended recipient, you are hereby notified that any
disclosure, copying, distribution or use of the contents of this message is
strictly prohibited. If you have received this message in error or are not the
named recipient, please notify us immediately by contacting the sender at the
electronic mail address noted above, and delete and destroy all copies of this
message. Thank you.
--------------------
This electronic message is intended to be for the use only of the named
recipient, and may contain information that is confidential or privileged. If
you are not the intended recipient, you are hereby notified that any
disclosure, copying, distribution or use of the contents of this message is
strictly prohibited. If you have received this message in error or are not the
named recipient, please notify us immediately by contacting the sender at the
electronic mail address noted above, and delete and destroy all copies of this
message. Thank you.
