Ayush Saxena
23787e4bdd
HDFS-15136. LOG flooding in secure mode when Cookies are not set in request header. Contributed by Renukaprasad C
2020-02-08 01:17:59 +05:30
Mate Szalay-Beko
6d92aa7c30
HADOOP-16579. Upgrade to Curator 4.2.0 and ZooKeeper 3.5.5 ( #1656 ). Contributed by Norbert Kalmár, Mate Szalay-Beko
...
* HADOOP-16579 - Upgrade to Apache Curator 4.2.0 and ZooKeeper 3.5.5
- Add a static initializer for the unit tests using ZooKeeper to enable
the four-letter-words diagnostic telnet commands. (this is an interface
that become disabled by default, so to keep the ZooKeeper 3.4.x behavior
we enabled it for the tests)
- Also fix ZKFailoverController to look for relevant fail-over ActiveAttempt
records. The new ZooKeeper seems to respond quicker during the fail-over
tests than the ZooKeeper, so we made sure to catch all the relevant records
by adding a new parameter to ZKFailoverontroller.waitForActiveAttempt().
Co-authored-by: Norbert Kalmár <nkalmar@cloudera.com>
2019-10-18 13:26:20 -07:00
Malcolm Taylor
56248f9d87
HADOOP-16556. Fix some alerts raised by LGTM.
...
Contributed by Malcolm Taylor.
Change-Id: Ic60c3f4681dd9d48b3afcba7520bd1e4d3cc4231
2019-09-19 16:00:05 +01:00
Akira Ajisaka
55cc115878
HADOOP-16527. Add a whitelist of endpoints to skip Kerberos authentication ( #1336 ) Contributed by Akira Ajisaka.
2019-08-28 14:28:41 +09:00
Wei-Chiu Chuang
e20b19543b
HADOOP-15681. AuthenticationFilter should generate valid date format for Set-Cookie header regardless of default Locale. Contributed by Cao Manh Dat.
2019-08-01 17:35:31 -07:00
Don Jeba
204a977f55
HADOOP-15910. Fix Javadoc for LdapAuthenticationHandler#ENABLE_START_TLS
...
Contributed by Don Jeba.
Change-Id: I2755bfb1263fc659078a1af8f0bdfd739fd1ae40
2019-07-30 12:39:48 +01:00
Wei-Chiu Chuang
f1c239c6a4
HADOOP-9157. Better option for curl in hadoop-auth-examples. Contributed by Andras Bokor.
2019-06-17 21:51:33 -07:00
Akira Ajisaka
0d47d283a6
HADOOP-10848. Cleanup calling of sun.security.krb5.Config.
2019-04-08 10:02:34 +09:00
Xiaoyu Yao
ca4e46a05e
HDDS-1075. Fix CertificateUtil#parseRSAPublicKey charsetName. Contributed by Siddharth Wagle.
2019-02-11 12:09:14 -08:00
Akira Ajisaka
1129288cf5
HADOOP-14178. Move Mockito up to version 2.23.4. Contributed by Akira Ajisaka and Masatake Iwasaki.
2019-01-29 18:29:56 -08:00
Xiaoyu Yao
ff61931f91
HDDS-6. Enable SCM kerberos auth. Contributed by Ajay Kumar.
2019-01-15 22:16:58 -07:00
Eric Yang
d43af8b3db
HADOOP-15996. Improved Kerberos username mapping strategy in Hadoop.
...
Contributed by Bolke de Bruin
2019-01-04 17:54:15 -05:00
Bharat Viswanadham
2499435d9d
HADOOP-16014. Fix test, checkstyle and javadoc issues in TestKerberosAuthenticationHandler. Contributed by Dinesh Chitlangia.
2018-12-21 13:30:48 -08:00
Steve Loughran
d0edd37269
HADOOP-15959. Revert "HADOOP-12751. While using kerberos Hadoop incorrectly assumes names with '@' to be non-simple"
...
This reverts commit 829a2e4d27
.
2018-11-29 17:52:11 +00:00
Steve Loughran
b738cb148c
HADOOP-15854. AuthToken Use StringBuilder instead of StringBuffer.
...
Contributed by Beluga Behr.
2018-10-17 10:29:09 +01:00
Arpit Agarwal
b0d3c877e3
HADOOP-12897. KerberosAuthenticator.authenticate to include URL on IO failures. Contributed by Ajay Kumar.
2018-02-20 18:18:58 -08:00
Robert Kanter
324e5a7cf2
HADOOP-15235. Authentication Tokens should use HMAC instead of MAC (rkanter)
2018-02-20 17:24:37 -08:00
Xiao Chen
1f20f432d2
Revert "HADOOP-12897. KerberosAuthenticator.authenticate to include URL on IO failures. Contributed by Ajay Kumar."
...
This reverts commit 332269de06
.
2018-02-14 10:25:05 -08:00
Arpit Agarwal
332269de06
HADOOP-12897. KerberosAuthenticator.authenticate to include URL on IO failures. Contributed by Ajay Kumar.
2018-02-13 10:14:16 -08:00
Xiao Chen
09dd709d6e
HADOOP-15197. Remove tomcat from the Hadoop-auth test bundle.
2018-02-01 15:33:52 -08:00
Ray Chiang
556812c179
HADOOP-14799. Update nimbus-jose-jwt to 4.41.1. (rchiang)
2017-09-12 10:19:34 -07:00
Jason Lowe
c379310212
HADOOP-14687. AuthenticatedURL will reuse bad/expired session cookies. Contributed by Daryn Sharp
2017-08-22 16:50:01 -05:00
Daniel Templeton
c21c260392
HADOOP-14666. Tests use assertTrue(....equals(...)) instead of assertEquals()
2017-07-19 13:58:55 -07:00
Akira Ajisaka
092ebdf885
HADOOP-12940. Fix warnings from Spotbugs in hadoop-common.
2017-06-23 10:28:58 +09:00
Daryn Sharp
e806c6e0ce
HADOOP-14146. KerberosAuthenticationHandler should authenticate with SPN in AP-REQ. Contributed by Daryn Sharp
2017-06-21 11:03:41 -05:00
Daniel Templeton
86368cc766
HADOOP-14310. RolloverSignerSecretProvider.LOG should be @VisibleForTesting
...
(Contributed by Arun Shanmugam Kumar via Daniel Templeton)
2017-06-12 09:42:16 -07:00
Xiao Chen
0202480742
HADOOP-13174. Add more debug logs for delegation tokens and authentication.
2017-06-08 21:34:15 -07:00
Sunil G
b6f66b0da1
YARN-6584. Correct license headers in hadoop-common, hdfs, yarn and mapreduce. Contributed by Yeliang Cang.
2017-05-22 14:10:06 +05:30
Daniel Templeton
4dd6206547
HADOOP-14246. Authentication Tokens should use SecureRandom instead of Random and 256 bit secrets
...
(Conttributed by Robert Konter via Daniel Templeton)
2017-04-12 11:17:31 -07:00
Xiao Chen
5d182949ba
HADOOP-13597. Switch KMS from Tomcat to Jetty. Contributed by John Zhuge.
2017-01-05 17:21:57 -08:00
Xiaoyu Yao
f5e0bd30fd
HADOOP-13890. Maintain HTTP/host as SPNEGO SPN support and fix KerberosName parsing. Contributed by Xiaoyu Yao.
2016-12-14 13:45:21 -08:00
Xiaoyu Yao
4c38f11cec
HADOOP-13565. KerberosAuthenticationHandler#authenticate should not rebuild SPN based on client request. Contributed by Xiaoyu Yao.
2016-12-09 21:27:04 -08:00
Andrew Wang
7b988e8899
HADOOP-13861. Spelling errors in logging and exceptions for code. Contributed by Grant Sohn.
2016-12-05 23:18:18 -08:00
Xiaoyu Yao
95665a6eea
Revert "HADOOP-13565. KerberosAuthenticationHandler#authenticate should not rebuild SPN based on client request. Contributed by Xiaoyu Yao."
...
This reverts commit 9097e2efe4
.
2016-11-04 16:02:47 -07:00
Robert Kanter
5877f20f9c
HADOOP-10075. Update jetty dependency to version 9 (rkanter)
2016-10-27 16:09:00 -07:00
Benoy Antony
4bca385241
HADOOP-12082 Support multiple authentication schemes via AuthenticationFilter
2016-10-18 18:32:01 -07:00
Akira Ajisaka
5a5a724731
HADOOP-13417. Fix javac and checkstyle warnings in hadoop-auth package.
2016-10-14 14:45:55 +09:00
Xiaoyu Yao
9097e2efe4
HADOOP-13565. KerberosAuthenticationHandler#authenticate should not rebuild SPN based on client request. Contributed by Xiaoyu Yao.
2016-10-13 10:52:28 -07:00
Robert Kanter
c183b9de8d
HADOOP-12611. TestZKSignerSecretProvider#testMultipleInit occasionally fail (ebadger via rkanter)
2016-10-07 09:33:31 -07:00
Wei-Chiu Chuang
f6f3a447bf
HADOOP-13580. If user is unauthorized, log "unauthorized" instead of "Invalid signed text:". Contributed by Wei-Chiu Chuang.
2016-09-16 14:53:30 -07:00
Chris Nauroth
255ea45e50
HADOOP-13422. ZKDelegationTokenSecretManager JaasConfig does not work well with other ZK users in process. Contributed by Sergey Shelukhin.
2016-07-26 15:33:20 -07:00
Allen Wittenauer
be38e530bb
HADOOP-9888. KerberosName static initialization gets default realm, which is unneeded in non-secure deployment. (Dmytro Kabakchei via aw)
2016-06-28 07:22:51 -07:00
Akira Ajisaka
8a1dccecce
HADOOP-13213. Small Documentation bug with AuthenticatedURL in hadoop-auth. Contributed by Tom Ellis.
...
This closes #97 .
2016-06-11 03:32:21 +09:00
Kai Zheng
916140604f
HADOOP-12911. Upgrade Hadoop MiniKDC with Kerby. Contributed by Jiajia Li
2016-05-28 14:23:39 +08:00
Steve Loughran
829a2e4d27
HADOOP-12751. While using kerberos Hadoop incorrectly assumes names with '@' to be non-simple. (Bolke de Bruin via stevel).
2016-05-10 21:32:57 +01:00
Steve Loughran
4feed9b2db
HADOOP-13026 Should not wrap IOExceptions into a AuthenticationException in KerberosAuthenticator. Xuan Gong via stevel
2016-04-15 17:44:12 +01:00
Andrew Wang
594c70f779
HADOOP-12951. Improve documentation on KMS ACLs and delegation tokens. Contributed by Xiao Chen.
2016-04-07 23:50:27 -07:00
Akira Ajisaka
acca149ec9
HADOOP-12902. JavaDocs for SignerSecretProvider are out-of-date in AuthenticationFilter. Contributed by Gabor Liptak.
2016-03-31 16:04:47 +09:00
Benoy Antony
e7ed05e4f5
HADOOP-12929. JWTRedirectAuthenticationHandler must accommodate null expiration time. Contributed by Larry McCay.
2016-03-21 13:19:43 -07:00
Li Lu
9a79b738c5
HADOOP-12906. AuthenticatedURL should convert a 404/Not Found into an FileNotFoundException. (Steve Loughran via gtcarrera9)
2016-03-10 11:38:31 -08:00