Steve Loughran
|
d0edd37269
|
HADOOP-15959. Revert "HADOOP-12751. While using kerberos Hadoop incorrectly assumes names with '@' to be non-simple"
This reverts commit 829a2e4d27 .
|
2018-11-29 17:52:11 +00:00 |
|
Steve Loughran
|
b738cb148c
|
HADOOP-15854. AuthToken Use StringBuilder instead of StringBuffer.
Contributed by Beluga Behr.
|
2018-10-17 10:29:09 +01:00 |
|
Sunil G
|
58fa96b697
|
Changed version in trunk to 3.3.0-SNAPSHOT.
|
2018-10-02 22:41:41 +05:30 |
|
Arpit Agarwal
|
78a10029ec
|
HADOOP-15265. Exclude json-smart explicitly in hadoop-auth avoid being pulled in transitively. Contributed by Nishant Bangarwa.
|
2018-02-26 13:56:53 -08:00 |
|
Arpit Agarwal
|
b0d3c877e3
|
HADOOP-12897. KerberosAuthenticator.authenticate to include URL on IO failures. Contributed by Ajay Kumar.
|
2018-02-20 18:18:58 -08:00 |
|
Robert Kanter
|
324e5a7cf2
|
HADOOP-15235. Authentication Tokens should use HMAC instead of MAC (rkanter)
|
2018-02-20 17:24:37 -08:00 |
|
Xiao Chen
|
1f20f432d2
|
Revert "HADOOP-12897. KerberosAuthenticator.authenticate to include URL on IO failures. Contributed by Ajay Kumar."
This reverts commit 332269de06 .
|
2018-02-14 10:25:05 -08:00 |
|
Arpit Agarwal
|
332269de06
|
HADOOP-12897. KerberosAuthenticator.authenticate to include URL on IO failures. Contributed by Ajay Kumar.
|
2018-02-13 10:14:16 -08:00 |
|
Wangda Tan
|
60f9e60b3b
|
Preparing for 3.2.0 development
Change-Id: I6d0e01f3d665d26573ef2b957add1cf0cddf7938
|
2018-02-11 11:17:38 +08:00 |
|
Xiao Chen
|
09dd709d6e
|
HADOOP-15197. Remove tomcat from the Hadoop-auth test bundle.
|
2018-02-01 15:33:52 -08:00 |
|
Ray Chiang
|
556812c179
|
HADOOP-14799. Update nimbus-jose-jwt to 4.41.1. (rchiang)
|
2017-09-12 10:19:34 -07:00 |
|
Andrew Wang
|
0d419c984f
|
Preparing for 3.1.0 development
|
2017-09-01 11:53:48 -07:00 |
|
Allen Wittenauer
|
a3fee475f7
|
HADOOP-14414. Calling maven-site-plugin directly for docs profile is unnecessary (Andras Bokor via aw)
|
2017-09-01 08:38:30 -07:00 |
|
Jason Lowe
|
c379310212
|
HADOOP-14687. AuthenticatedURL will reuse bad/expired session cookies. Contributed by Daryn Sharp
|
2017-08-22 16:50:01 -05:00 |
|
Daniel Templeton
|
c21c260392
|
HADOOP-14666. Tests use assertTrue(....equals(...)) instead of assertEquals()
|
2017-07-19 13:58:55 -07:00 |
|
Andrew Wang
|
af2773f609
|
Updating version for 3.0.0-beta1 development
|
2017-06-29 17:57:40 -07:00 |
|
Akira Ajisaka
|
092ebdf885
|
HADOOP-12940. Fix warnings from Spotbugs in hadoop-common.
|
2017-06-23 10:28:58 +09:00 |
|
Daryn Sharp
|
e806c6e0ce
|
HADOOP-14146. KerberosAuthenticationHandler should authenticate with SPN in AP-REQ. Contributed by Daryn Sharp
|
2017-06-21 11:03:41 -05:00 |
|
Daniel Templeton
|
86368cc766
|
HADOOP-14310. RolloverSignerSecretProvider.LOG should be @VisibleForTesting
(Contributed by Arun Shanmugam Kumar via Daniel Templeton)
|
2017-06-12 09:42:16 -07:00 |
|
Xiao Chen
|
0202480742
|
HADOOP-13174. Add more debug logs for delegation tokens and authentication.
|
2017-06-08 21:34:15 -07:00 |
|
Andrew Wang
|
16ad896d5c
|
Update maven version for 3.0.0-alpha4 development
|
2017-05-26 14:09:44 -07:00 |
|
Sunil G
|
b6f66b0da1
|
YARN-6584. Correct license headers in hadoop-common, hdfs, yarn and mapreduce. Contributed by Yeliang Cang.
|
2017-05-22 14:10:06 +05:30 |
|
Akira Ajisaka
|
0d5c8ed8e0
|
HADOOP-14401. maven-project-info-reports-plugin can be removed. Contributed by Andras Bokor.
|
2017-05-11 16:37:32 -05:00 |
|
Daniel Templeton
|
4dd6206547
|
HADOOP-14246. Authentication Tokens should use SecureRandom instead of Random and 256 bit secrets
(Conttributed by Robert Konter via Daniel Templeton)
|
2017-04-12 11:17:31 -07:00 |
|
Andrew Wang
|
5d8b80ea9b
|
Preparing for 3.0.0-alpha3 development
|
2017-01-19 15:50:07 -08:00 |
|
Xiao Chen
|
5d182949ba
|
HADOOP-13597. Switch KMS from Tomcat to Jetty. Contributed by John Zhuge.
|
2017-01-05 17:21:57 -08:00 |
|
Xiaoyu Yao
|
f5e0bd30fd
|
HADOOP-13890. Maintain HTTP/host as SPNEGO SPN support and fix KerberosName parsing. Contributed by Xiaoyu Yao.
|
2016-12-14 13:45:21 -08:00 |
|
Xiaoyu Yao
|
4c38f11cec
|
HADOOP-13565. KerberosAuthenticationHandler#authenticate should not rebuild SPN based on client request. Contributed by Xiaoyu Yao.
|
2016-12-09 21:27:04 -08:00 |
|
Andrew Wang
|
7b988e8899
|
HADOOP-13861. Spelling errors in logging and exceptions for code. Contributed by Grant Sohn.
|
2016-12-05 23:18:18 -08:00 |
|
Akira Ajisaka
|
209e805430
|
HADOOP-13506. Redundant groupid warning in child projects. Contributed by Kai Sasaki.
|
2016-11-28 14:34:57 +09:00 |
|
Xiaoyu Yao
|
95665a6eea
|
Revert "HADOOP-13565. KerberosAuthenticationHandler#authenticate should not rebuild SPN based on client request. Contributed by Xiaoyu Yao."
This reverts commit 9097e2efe4 .
|
2016-11-04 16:02:47 -07:00 |
|
Robert Kanter
|
5877f20f9c
|
HADOOP-10075. Update jetty dependency to version 9 (rkanter)
|
2016-10-27 16:09:00 -07:00 |
|
Benoy Antony
|
4bca385241
|
HADOOP-12082 Support multiple authentication schemes via AuthenticationFilter
|
2016-10-18 18:32:01 -07:00 |
|
Akira Ajisaka
|
5a5a724731
|
HADOOP-13417. Fix javac and checkstyle warnings in hadoop-auth package.
|
2016-10-14 14:45:55 +09:00 |
|
Xiaoyu Yao
|
9097e2efe4
|
HADOOP-13565. KerberosAuthenticationHandler#authenticate should not rebuild SPN based on client request. Contributed by Xiaoyu Yao.
|
2016-10-13 10:52:28 -07:00 |
|
Robert Kanter
|
c183b9de8d
|
HADOOP-12611. TestZKSignerSecretProvider#testMultipleInit occasionally fail (ebadger via rkanter)
|
2016-10-07 09:33:31 -07:00 |
|
Wei-Chiu Chuang
|
f6f3a447bf
|
HADOOP-13580. If user is unauthorized, log "unauthorized" instead of "Invalid signed text:". Contributed by Wei-Chiu Chuang.
|
2016-09-16 14:53:30 -07:00 |
|
Chris Nauroth
|
255ea45e50
|
HADOOP-13422. ZKDelegationTokenSecretManager JaasConfig does not work well with other ZK users in process. Contributed by Sergey Shelukhin.
|
2016-07-26 15:33:20 -07:00 |
|
Andrew Wang
|
da456ffd62
|
Preparing for 3.0.0-alpha2 development
|
2016-07-15 19:04:17 -07:00 |
|
Allen Wittenauer
|
be38e530bb
|
HADOOP-9888. KerberosName static initialization gets default realm, which is unneeded in non-secure deployment. (Dmytro Kabakchei via aw)
|
2016-06-28 07:22:51 -07:00 |
|
Akira Ajisaka
|
8a1dccecce
|
HADOOP-13213. Small Documentation bug with AuthenticatedURL in hadoop-auth. Contributed by Tom Ellis.
This closes #97.
|
2016-06-11 03:32:21 +09:00 |
|
Kai Zheng
|
723432b338
|
HADOOP-13220. Follow on fixups after upgraded mini-kdc using Kerby. Contributed by Jiajia Li
|
2016-06-09 15:56:12 +08:00 |
|
Kai Zheng
|
916140604f
|
HADOOP-12911. Upgrade Hadoop MiniKDC with Kerby. Contributed by Jiajia Li
|
2016-05-28 14:23:39 +08:00 |
|
Andrew Wang
|
3c5c57af28
|
HADOOP-13142. Change project version from 3.0.0 to 3.0.0-alpha1.
|
2016-05-12 18:27:28 -07:00 |
|
Andrew Wang
|
ca5613af91
|
Revert "Update project version to 3.0.0-alpha1-SNAPSHOT."
This reverts commit 6b53802cba .
|
2016-05-12 15:32:45 -07:00 |
|
Andrew Wang
|
6b53802cba
|
Update project version to 3.0.0-alpha1-SNAPSHOT.
|
2016-05-12 11:05:05 -07:00 |
|
Steve Loughran
|
829a2e4d27
|
HADOOP-12751. While using kerberos Hadoop incorrectly assumes names with '@' to be non-simple. (Bolke de Bruin via stevel).
|
2016-05-10 21:32:57 +01:00 |
|
Steve Loughran
|
4feed9b2db
|
HADOOP-13026 Should not wrap IOExceptions into a AuthenticationException in KerberosAuthenticator. Xuan Gong via stevel
|
2016-04-15 17:44:12 +01:00 |
|
Andrew Wang
|
594c70f779
|
HADOOP-12951. Improve documentation on KMS ACLs and delegation tokens. Contributed by Xiao Chen.
|
2016-04-07 23:50:27 -07:00 |
|
Akira Ajisaka
|
acca149ec9
|
HADOOP-12902. JavaDocs for SignerSecretProvider are out-of-date in AuthenticationFilter. Contributed by Gabor Liptak.
|
2016-03-31 16:04:47 +09:00 |
|
Benoy Antony
|
e7ed05e4f5
|
HADOOP-12929. JWTRedirectAuthenticationHandler must accommodate null expiration time. Contributed by Larry McCay.
|
2016-03-21 13:19:43 -07:00 |
|
Li Lu
|
9a79b738c5
|
HADOOP-12906. AuthenticatedURL should convert a 404/Not Found into an FileNotFoundException. (Steve Loughran via gtcarrera9)
|
2016-03-10 11:38:31 -08:00 |
|
Zhe Zhang
|
3e8099a45a
|
HDFS-9888. Allow reseting KerberosName in unit tests. Contributed by Xiao Chen.
|
2016-03-04 09:48:05 -08:00 |
|
Masatake Iwasaki
|
cbd31328a6
|
HADOOP-12470. In-page TOC of documentation should be automatically generated by doxia macro (iwasakims)
|
2016-03-04 14:11:36 +09:00 |
|
cnauroth
|
d6b181c6fa
|
HADOOP-12716. KerberosAuthenticator#doSpnegoSequence use incorrect class to determine isKeyTab in JDK8. Contributed by Xiaoyu Yao.
|
2016-02-24 13:55:39 -08:00 |
|
Akira Ajisaka
|
736eb17a79
|
HADOOP-12731. Remove useless boxing/unboxing code. Contributed by Kousuke Saruta.
|
2016-01-25 13:47:29 +09:00 |
|
Benoy Antony
|
dec8dfdfa6
|
HADOOP-12587. Hadoop AuthToken refuses to work without a maxinactive attribute in issued token. (Benoy Antony)
|
2016-01-09 13:41:18 -08:00 |
|
mattf
|
ada9c2c410
|
HADOOP-12617. SPNEGO authentication request to non-default realm gets default realm name inserted in target server principal. (mattf)
|
2015-12-08 17:27:50 -08:00 |
|
Haohui Mai
|
5f688453df
|
HADOOP-12181. Fix intermittent test failure of TestZKSignerSecretProvider. Contributed by Masatake Iwasaki.
|
2015-11-22 16:56:15 -08:00 |
|
Steve Loughran
|
bafeb6c7bc
|
HADOOP-11628. SPNEGO auth does not work with CNAMEs in JDK8. (Daryn Sharp via stevel).
|
2015-10-18 11:45:41 +01:00 |
|
cnauroth
|
a121fa1d39
|
HADOOP-12481. JWTRedirectAuthenticationHandler doesn't Retain Original Query String. Contributed by Larry McCay.
|
2015-10-15 16:44:59 -07:00 |
|
Steve Loughran
|
7269906254
|
HADOOP-12087. [JDK8] Fix javadoc errors caused by incorrect or illegal tags. (Akira AJISAKA via stevel).
|
2015-09-13 14:25:26 +01:00 |
|
Xiaoyu Yao
|
caa636bf10
|
HADOOP-12347. Fix mismatch parameter name in javadocs of AuthToken#setMaxInactives. Contributed by Xiaoyu Yao
|
2015-08-21 16:32:57 -07:00 |
|
Benoy Antony
|
71aedfabf3
|
hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu.
|
2015-08-18 13:43:34 -07:00 |
|
Benoy Antony
|
a815cc157c
|
HADOOP-12049. Control http authentication cookie persistence via configuration. Contributed by Huizhi Lu.
|
2015-06-24 15:59:39 -07:00 |
|
Andrew Wang
|
990078b927
|
HADOOP-12037. Fix wrong classname in example configuration of hadoop-auth documentation. Contributed by Masatake Iwasaki.
|
2015-06-01 18:04:52 -07:00 |
|
Akira Ajisaka
|
b9cebfc0ba
|
HADOOP-11663. Remove description about Java 6 from docs. Contributed by Masatake Iwasaki.
|
2015-05-12 00:30:59 +09:00 |
|
Robert Kanter
|
9fec02c069
|
HADOOP-11870. [JDK8] AuthenticationFilter, CertificateUtil, SignerSecretProviders, KeyAuthorizationKeyProvider Javadoc issues (rkanter)
|
2015-04-27 13:25:11 -07:00 |
|
Steve Loughran
|
08d4386162
|
HADOOP-11864. JWTRedirectAuthenticationHandler breaks java8 javadocs. (Larry McCay via stevel)
|
2015-04-23 09:06:22 +01:00 |
|
Jason Lowe
|
0ebe84d30a
|
HADOOP-11868. Invalid user logins trigger large backtraces in server log. Contributed by Chang Li
|
2015-04-22 20:56:29 +00:00 |
|
Jakob Homan
|
e54a3e1f4f
|
HADOOP-11850: Typos in hadoop-common java docs. Contributed by Surendra Singh Lilhore.
|
2015-04-22 13:48:16 -07:00 |
|
Jitendra Pandey
|
1f4767c7f2
|
HADOOP-11859. PseudoAuthenticationHandler fails with httpcomponents v4.4. Contributed by Eugene Koifman.
|
2015-04-22 10:00:14 -07:00 |
|
Steve Loughran
|
2c14690368
|
HADOOP-11846 TestCertificateUtil.testCorruptPEM failing on Jenkins JDK8. (Larry McCay via stevel)
|
2015-04-21 22:38:41 +01:00 |
|
Haohui Mai
|
c6b5203cfd
|
HADOOP-11837. AuthenticationFilter should destroy SignerSecretProvider in Tomcat deployments. Contributed by Bowen Zhang.
|
2015-04-17 10:59:47 -07:00 |
|
Owen O'Malley
|
ce63573314
|
HADOOP-11717. Support JWT tokens for web single sign on to the Hadoop
servers. (Larry McCay via omalley)
|
2015-04-07 08:09:41 -07:00 |
|
Haohui Mai
|
90e07d55ac
|
HADOOP-11754. RM fails to start in non-secure mode due to authentication filter failure. Contributed by Haohui Mai.
|
2015-03-30 11:44:22 -07:00 |
|
Haohui Mai
|
82fa3adfd8
|
HADOOP-11761. Fix findbugs warnings in org.apache.hadoop.security.authentication. Contributed by Li Lu.
|
2015-03-30 11:08:54 -07:00 |
|
Haohui Mai
|
47782cbf4a
|
HADOOP-11748. The secrets of auth cookies should not be specified in configuration in clear text. Contributed by Li Lu and Haohui Mai.
|
2015-03-26 17:35:37 -07:00 |
|
Haohui Mai
|
3807884263
|
Addendum for HADOOP-10670.
|
2015-03-25 12:29:54 -07:00 |
|
Haohui Mai
|
e4b8d9e72d
|
HADOOP-10670. Allow AuthenticationFilters to load secret from signature secret files. Contributed by Kai Zheng.
|
2015-03-25 11:12:42 -07:00 |
|
Tsuyoshi Ozawa
|
d1c6accb6f
|
HADOOP-11602. Fix toUpperCase/toLowerCase to use Locale.ENGLISH. (ozawa)
|
2015-03-03 14:17:52 +09:00 |
|
Allen Wittenauer
|
b01d3433ae
|
HADOOP-10774. Update KerberosTestUtils for hadoop-auth tests when using IBM Java (sangamesh via aw)
|
2015-02-28 23:22:06 -08:00 |
|
Tsuyoshi Ozawa
|
9cedad11d8
|
Revert "HADOOP-11602. Fix toUpperCase/toLowerCase to use Locale.ENGLISH. (ozawa)"
This reverts commit 946456c6d8 .
Conflicts:
hadoop-common-project/hadoop-common/CHANGES.txt
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/QuotaByStorageTypeEntry.java
|
2015-02-25 00:32:04 +09:00 |
|
Tsuyoshi Ozawa
|
946456c6d8
|
HADOOP-11602. Fix toUpperCase/toLowerCase to use Locale.ENGLISH. (ozawa)
|
2015-02-19 13:06:53 +09:00 |
|
Allen Wittenauer
|
b6fc1f3e43
|
HADOOP-11593. Convert site documentation from apt to markdown (stragglers) (Masatake Iwasaki via aw)
|
2015-02-17 21:30:24 -10:00 |
|
Robert Kanter
|
875256834b
|
HADOOP-11467. KerberosAuthenticator can connect to a non-secure cluster. (yzhangal via rkanter)
|
2015-02-13 14:01:46 -08:00 |
|
Haohui Mai
|
6df457a3d7
|
HADOOP-11379. Fix new findbugs warnings in hadoop-auth*. Contributed by Li Lu.
|
2014-12-09 13:08:51 -08:00 |
|
Steve Loughran
|
f71eb51ab8
|
HADOOP-10134 [JDK8] Fix Javadoc errors caused by incorrect or illegal tags in doc comments.
|
2014-12-09 11:15:35 +00:00 |
|
Aaron T. Myers
|
9d1a8f5897
|
HADOOP-11332. KerberosAuthenticator#doSpnegoSequence should check if kerberos TGT is available in the subject. Contributed by Dian Fu.
|
2014-12-03 18:53:45 -08:00 |
|
Aaron T. Myers
|
ef5af4f8de
|
HADOOP-11187 NameNode - KMS communication fails after a long period of inactivity. Contributed by Arun Suresh.
|
2014-11-05 18:17:49 -08:00 |
|
Aaron T. Myers
|
8a261e68e4
|
HADOOP-11272. Allow ZKSignerSecretProvider and ZKDelegationTokenSecretManager to use the same curator client. Contributed by Arun Suresh.
|
2014-11-05 17:47:22 -08:00 |
|
cnauroth
|
5c900b522e
|
HADOOP-11068. Match hadoop.auth cookie format to jetty output. Contributed by Gregory Chanan.
|
2014-10-29 11:18:44 -07:00 |
|
Andrew Wang
|
2d8e6e2c4a
|
HADOOP-11151. Automatically refresh auth token and retry on auth failure. Contributed by Arun Suresh.
|
2014-10-02 19:54:57 -07:00 |
|
Alejandro Abdelnur
|
db890eef32
|
HADOOP-11017. KMS delegation token secret manager should be able to use zookeeper as store. (asuresh via tucu)
|
2014-09-20 08:21:44 -07:00 |
|
Alejandro Abdelnur
|
7e08c0f23f
|
HADOOP-10868. Addendum
|
2014-09-15 19:39:27 -07:00 |
|
Alejandro Abdelnur
|
932ae036ac
|
HADOOP-10868. AuthenticationFilter should support externalizing the secret for signing and provide rotation support. (rkanter via tucu)
|
2014-09-15 17:05:42 -07:00 |
|
Alejandro Abdelnur
|
156e6a4f8a
|
HADOOP-10911. hadoop.auth cookie after HADOOP-10710 still not proper according to RFC2109. (gchanan via tucu)
|
2014-08-29 11:23:23 -07:00 |
|
Alejandro Abdelnur
|
6d7a6766bd
|
HADOOP-10835. Implement HTTP proxyuser support in HTTP authentication client/server libraries. (tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1617384 13f79535-47bb-0310-9956-ffa450edef68
|
2014-08-12 00:10:15 +00:00 |
|
Alejandro Abdelnur
|
be9c67930b
|
HADOOP-10771. Refactor HTTP delegation support out of httpfs to common, PART 2. (tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1616672 13f79535-47bb-0310-9956-ffa450edef68
|
2014-08-08 04:58:58 +00:00 |
|
Alejandro Abdelnur
|
2d7dcff6f4
|
HADOOP-10791. AuthenticationFilter should support externalizing the secret for signing and provide rotation support. (rkanter via tucu)
git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/trunk@1616005 13f79535-47bb-0310-9956-ffa450edef68
|
2014-08-05 21:21:03 +00:00 |
|