Uploaded image for project: 'Hue (READ ONLY)'
  1. Hue (READ ONLY)
  2. HUE-2353

[oozie] Authentication cookie for Oozie not according to RFC 2109

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Incomplete
    • Affects Version/s: 3.6.0
    • Fix Version/s: None
    • Component/s: con.oozie
    • Labels:
      None
    • Environment:

      RedHat 6.4

      Description

      Hue HTTP client send to oozie server the following cookie when already authenticated :

      Cookie: hadoop.auth=u=hue&p=hue/hueserver@REALM&t=kerberos&e=1412124304920&s=base64text=

      According to the RFC the cookie should be quoted like this :

      Cookie: hadoop.auth="u=hue&p=hue/hueserver@REALM&t=kerberos&e=1412124304920&s=base64text="

      HUE have to re authenticate on each HTTP request because the authentication with a non quoted cookie is rejected with a 401 HTTP response code by Oozie (oozie 4.0.1 and Hadoop 2.4.1)

      Oozie log file is full of warning :
      WARN AuthenticationFilter:347 - AuthenticationToken ignored: org.apache.hadoop.security.authentication.util.SignerException: Invalid signed text: u

      Same issue on JIRA :
      https://issues.apache.org/jira/browse/HADOOP-10710

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              alexandre Alexandre LINTE
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: