Commit Graph

123 Commits

Author SHA1 Message Date
Daniel Templeton
c21c260392 HADOOP-14666. Tests use assertTrue(....equals(...)) instead of assertEquals() 2017-07-19 13:58:55 -07:00
Akira Ajisaka
092ebdf885
HADOOP-12940. Fix warnings from Spotbugs in hadoop-common. 2017-06-23 10:28:58 +09:00
Daryn Sharp
e806c6e0ce HADOOP-14146. KerberosAuthenticationHandler should authenticate with SPN in AP-REQ. Contributed by Daryn Sharp 2017-06-21 11:03:41 -05:00
Daniel Templeton
86368cc766 HADOOP-14310. RolloverSignerSecretProvider.LOG should be @VisibleForTesting
(Contributed by Arun Shanmugam Kumar via Daniel Templeton)
2017-06-12 09:42:16 -07:00
Xiao Chen
0202480742 HADOOP-13174. Add more debug logs for delegation tokens and authentication. 2017-06-08 21:34:15 -07:00
Sunil G
b6f66b0da1 YARN-6584. Correct license headers in hadoop-common, hdfs, yarn and mapreduce. Contributed by Yeliang Cang. 2017-05-22 14:10:06 +05:30
Daniel Templeton
4dd6206547 HADOOP-14246. Authentication Tokens should use SecureRandom instead of Random and 256 bit secrets
(Conttributed by Robert Konter via Daniel Templeton)
2017-04-12 11:17:31 -07:00
Xiao Chen
5d182949ba HADOOP-13597. Switch KMS from Tomcat to Jetty. Contributed by John Zhuge. 2017-01-05 17:21:57 -08:00
Xiaoyu Yao
f5e0bd30fd HADOOP-13890. Maintain HTTP/host as SPNEGO SPN support and fix KerberosName parsing. Contributed by Xiaoyu Yao. 2016-12-14 13:45:21 -08:00
Xiaoyu Yao
4c38f11cec HADOOP-13565. KerberosAuthenticationHandler#authenticate should not rebuild SPN based on client request. Contributed by Xiaoyu Yao. 2016-12-09 21:27:04 -08:00
Andrew Wang
7b988e8899 HADOOP-13861. Spelling errors in logging and exceptions for code. Contributed by Grant Sohn. 2016-12-05 23:18:18 -08:00
Xiaoyu Yao
95665a6eea Revert "HADOOP-13565. KerberosAuthenticationHandler#authenticate should not rebuild SPN based on client request. Contributed by Xiaoyu Yao."
This reverts commit 9097e2efe4.
2016-11-04 16:02:47 -07:00
Robert Kanter
5877f20f9c HADOOP-10075. Update jetty dependency to version 9 (rkanter) 2016-10-27 16:09:00 -07:00
Benoy Antony
4bca385241 HADOOP-12082 Support multiple authentication schemes via AuthenticationFilter 2016-10-18 18:32:01 -07:00
Akira Ajisaka
5a5a724731 HADOOP-13417. Fix javac and checkstyle warnings in hadoop-auth package. 2016-10-14 14:45:55 +09:00
Xiaoyu Yao
9097e2efe4 HADOOP-13565. KerberosAuthenticationHandler#authenticate should not rebuild SPN based on client request. Contributed by Xiaoyu Yao. 2016-10-13 10:52:28 -07:00
Robert Kanter
c183b9de8d HADOOP-12611. TestZKSignerSecretProvider#testMultipleInit occasionally fail (ebadger via rkanter) 2016-10-07 09:33:31 -07:00
Wei-Chiu Chuang
f6f3a447bf HADOOP-13580. If user is unauthorized, log "unauthorized" instead of "Invalid signed text:". Contributed by Wei-Chiu Chuang. 2016-09-16 14:53:30 -07:00
Chris Nauroth
255ea45e50 HADOOP-13422. ZKDelegationTokenSecretManager JaasConfig does not work well with other ZK users in process. Contributed by Sergey Shelukhin. 2016-07-26 15:33:20 -07:00
Allen Wittenauer
be38e530bb HADOOP-9888. KerberosName static initialization gets default realm, which is unneeded in non-secure deployment. (Dmytro Kabakchei via aw) 2016-06-28 07:22:51 -07:00
Akira Ajisaka
8a1dccecce HADOOP-13213. Small Documentation bug with AuthenticatedURL in hadoop-auth. Contributed by Tom Ellis.
This closes #97.
2016-06-11 03:32:21 +09:00
Kai Zheng
916140604f HADOOP-12911. Upgrade Hadoop MiniKDC with Kerby. Contributed by Jiajia Li 2016-05-28 14:23:39 +08:00
Steve Loughran
829a2e4d27 HADOOP-12751. While using kerberos Hadoop incorrectly assumes names with '@' to be non-simple. (Bolke de Bruin via stevel). 2016-05-10 21:32:57 +01:00
Steve Loughran
4feed9b2db HADOOP-13026 Should not wrap IOExceptions into a AuthenticationException in KerberosAuthenticator. Xuan Gong via stevel 2016-04-15 17:44:12 +01:00
Andrew Wang
594c70f779 HADOOP-12951. Improve documentation on KMS ACLs and delegation tokens. Contributed by Xiao Chen. 2016-04-07 23:50:27 -07:00
Akira Ajisaka
acca149ec9 HADOOP-12902. JavaDocs for SignerSecretProvider are out-of-date in AuthenticationFilter. Contributed by Gabor Liptak. 2016-03-31 16:04:47 +09:00
Benoy Antony
e7ed05e4f5 HADOOP-12929. JWTRedirectAuthenticationHandler must accommodate null expiration time. Contributed by Larry McCay. 2016-03-21 13:19:43 -07:00
Li Lu
9a79b738c5 HADOOP-12906. AuthenticatedURL should convert a 404/Not Found into an FileNotFoundException. (Steve Loughran via gtcarrera9) 2016-03-10 11:38:31 -08:00
Zhe Zhang
3e8099a45a HDFS-9888. Allow reseting KerberosName in unit tests. Contributed by Xiao Chen. 2016-03-04 09:48:05 -08:00
Masatake Iwasaki
cbd31328a6 HADOOP-12470. In-page TOC of documentation should be automatically generated by doxia macro (iwasakims) 2016-03-04 14:11:36 +09:00
cnauroth
d6b181c6fa HADOOP-12716. KerberosAuthenticator#doSpnegoSequence use incorrect class to determine isKeyTab in JDK8. Contributed by Xiaoyu Yao. 2016-02-24 13:55:39 -08:00
Akira Ajisaka
736eb17a79 HADOOP-12731. Remove useless boxing/unboxing code. Contributed by Kousuke Saruta. 2016-01-25 13:47:29 +09:00
Benoy Antony
dec8dfdfa6 HADOOP-12587. Hadoop AuthToken refuses to work without a maxinactive attribute in issued token. (Benoy Antony) 2016-01-09 13:41:18 -08:00
mattf
ada9c2c410 HADOOP-12617. SPNEGO authentication request to non-default realm gets default realm name inserted in target server principal. (mattf) 2015-12-08 17:27:50 -08:00
Haohui Mai
5f688453df HADOOP-12181. Fix intermittent test failure of TestZKSignerSecretProvider. Contributed by Masatake Iwasaki. 2015-11-22 16:56:15 -08:00
Steve Loughran
bafeb6c7bc HADOOP-11628. SPNEGO auth does not work with CNAMEs in JDK8. (Daryn Sharp via stevel). 2015-10-18 11:45:41 +01:00
cnauroth
a121fa1d39 HADOOP-12481. JWTRedirectAuthenticationHandler doesn't Retain Original Query String. Contributed by Larry McCay. 2015-10-15 16:44:59 -07:00
Steve Loughran
7269906254 HADOOP-12087. [JDK8] Fix javadoc errors caused by incorrect or illegal tags. (Akira AJISAKA via stevel). 2015-09-13 14:25:26 +01:00
Xiaoyu Yao
caa636bf10 HADOOP-12347. Fix mismatch parameter name in javadocs of AuthToken#setMaxInactives. Contributed by Xiaoyu Yao 2015-08-21 16:32:57 -07:00
Benoy Antony
71aedfabf3 hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu. 2015-08-18 13:43:34 -07:00
Benoy Antony
a815cc157c HADOOP-12049. Control http authentication cookie persistence via configuration. Contributed by Huizhi Lu. 2015-06-24 15:59:39 -07:00
Andrew Wang
990078b927 HADOOP-12037. Fix wrong classname in example configuration of hadoop-auth documentation. Contributed by Masatake Iwasaki. 2015-06-01 18:04:52 -07:00
Akira Ajisaka
b9cebfc0ba HADOOP-11663. Remove description about Java 6 from docs. Contributed by Masatake Iwasaki. 2015-05-12 00:30:59 +09:00
Robert Kanter
9fec02c069 HADOOP-11870. [JDK8] AuthenticationFilter, CertificateUtil, SignerSecretProviders, KeyAuthorizationKeyProvider Javadoc issues (rkanter) 2015-04-27 13:25:11 -07:00
Steve Loughran
08d4386162 HADOOP-11864. JWTRedirectAuthenticationHandler breaks java8 javadocs. (Larry McCay via stevel) 2015-04-23 09:06:22 +01:00
Jason Lowe
0ebe84d30a HADOOP-11868. Invalid user logins trigger large backtraces in server log. Contributed by Chang Li 2015-04-22 20:56:29 +00:00
Jakob Homan
e54a3e1f4f HADOOP-11850: Typos in hadoop-common java docs. Contributed by Surendra Singh Lilhore. 2015-04-22 13:48:16 -07:00
Jitendra Pandey
1f4767c7f2 HADOOP-11859. PseudoAuthenticationHandler fails with httpcomponents v4.4. Contributed by Eugene Koifman. 2015-04-22 10:00:14 -07:00
Steve Loughran
2c14690368 HADOOP-11846 TestCertificateUtil.testCorruptPEM failing on Jenkins JDK8. (Larry McCay via stevel) 2015-04-21 22:38:41 +01:00
Haohui Mai
c6b5203cfd HADOOP-11837. AuthenticationFilter should destroy SignerSecretProvider in Tomcat deployments. Contributed by Bowen Zhang. 2015-04-17 10:59:47 -07:00