Commit Graph

131 Commits

Author SHA1 Message Date
Junping Du 7706a63fb4 Preparing for 2.8.1 development after cutting off 2.8.0 branch. 2017-01-10 18:03:51 -08:00
Xiaoyu Yao 691a32c6f6 HADOOP-13890. Maintain HTTP/host as SPNEGO SPN support and fix KerberosName parsing. Contributed by Xiaoyu Yao.
(cherry picked from commit f5e0bd30fd)
(cherry picked from commit 85083567be)
2016-12-14 14:01:32 -08:00
Xiaoyu Yao bd4e5bc501 HADOOP-13565. KerberosAuthenticationHandler#authenticate should not rebuild SPN based on client request. Contributed by Xiaoyu Yao.
(cherry picked from commit 4c38f11cec)
2016-12-09 21:38:42 -08:00
Andrew Wang 092d0602c2 HADOOP-13861. Spelling errors in logging and exceptions for code. Contributed by Grant Sohn.
(cherry picked from commit 7b988e8899)

 Conflicts:
	hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/io/erasurecode/rawcoder/util/GF256.java
	hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/KDiag.java

(cherry picked from commit 6bd600eef2)
2016-12-05 23:21:17 -08:00
Xiaoyu Yao 5073289c4a Revert "HADOOP-13565. KerberosAuthenticationHandler#authenticate should not rebuild SPN based on client request. Contributed by Xiaoyu Yao."
This reverts commit 5abc788825.
2016-11-04 16:22:45 -07:00
Benoy Antony 653ceab7d3 HADOOP-12082 Support multiple authentication schemes via AuthenticationFilter. Contributed by Hrishikesh Gadre. 2016-10-21 19:43:22 -07:00
Xiaoyu Yao 5abc788825 HADOOP-13565. KerberosAuthenticationHandler#authenticate should not rebuild SPN based on client request. Contributed by Xiaoyu Yao.
(cherry picked from commit 9097e2efe4)
2016-10-13 10:58:20 -07:00
Robert Kanter dfc0e3f543 HADOOP-12611. TestZKSignerSecretProvider#testMultipleInit occasionally fail (ebadger via rkanter)
(cherry picked from commit c183b9de8d)
2016-10-07 10:51:28 -07:00
Wei-Chiu Chuang c7b79e8d91 HADOOP-13580. If user is unauthorized, log "unauthorized" instead of "Invalid signed text:". Contributed by Wei-Chiu Chuang.
(cherry picked from commit f6f3a447bf)
(cherry picked from commit 031d5f6c5b)
2016-09-16 14:56:55 -07:00
Zhe Zhang 9c1c48c0d4 HDFS-9888. Allow reseting KerberosName in unit tests. Contributed by Xiao Chen.
(cherry picked from commit 3e8099a45a)
(cherry picked from commit 00ff3d737c)
2016-08-11 12:42:17 -07:00
Chris Nauroth 244285488d HADOOP-13422. ZKDelegationTokenSecretManager JaasConfig does not work well with other ZK users in process. Contributed by Sergey Shelukhin.
(cherry picked from commit 255ea45e50)
(cherry picked from commit df2ed6b2c4)
2016-07-26 15:33:42 -07:00
Akira Ajisaka f5cdf94725 HADOOP-13213. Small Documentation bug with AuthenticatedURL in hadoop-auth. Contributed by Tom Ellis.
This closes #97.

(cherry picked from commit 8a1dccecce)
(cherry picked from commit 035eea4d12)
2016-06-11 03:33:40 +09:00
Steve Loughran d13cd394e5 HADOOP-12751. While using kerberos Hadoop incorrectly assumes names with '@' to be non-simple. (Bolke de Bruin via stevel). 2016-05-10 21:33:26 +01:00
Steve Loughran 1dddf1ac8a HADOOP-13026 Should not wrap IOExceptions into a AuthenticationException in KerberosAuthenticator. Xuan Gong via stevel 2016-04-15 17:43:38 +01:00
Andrew Wang bc148530d4 HADOOP-12951. Improve documentation on KMS ACLs and delegation tokens. Contributed by Xiao Chen.
(cherry picked from commit 594c70f779)
(cherry picked from commit 2f983b161f)
2016-04-07 23:51:19 -07:00
Akira Ajisaka 2d7084db20 HADOOP-12902. JavaDocs for SignerSecretProvider are out-of-date in AuthenticationFilter. Contributed by Gabor Liptak.
(cherry picked from commit acca149ec9)
(cherry picked from commit b4fbc22688)
2016-03-31 16:06:03 +09:00
Benoy Antony 1b263ea490 HADOOP-12929. JWTRedirectAuthenticationHandler must accommodate null expiration time. Contributed by Larry McCay.
(cherry picked from commit e7ed05e4f5)
2016-03-21 13:31:55 -07:00
Masatake Iwasaki 9d551a3adf HADOOP-12470. In-page TOC of documentation should be automatically generated by doxia macro (iwasakims)
(cherry picked from commit cbd31328a6)

 Conflicts:
	hadoop-common-project/hadoop-common/src/site/markdown/CommandsManual.md
	hadoop-common-project/hadoop-common/src/site/markdown/UnixShellGuide.md

(cherry picked from commit 722182fdfb)
2016-03-04 14:13:30 +09:00
cnauroth d4bbdd9d28 HADOOP-12716. KerberosAuthenticator#doSpnegoSequence use incorrect class to determine isKeyTab in JDK8. Contributed by Xiaoyu Yao.
(cherry picked from commit d6b181c6fa)
(cherry picked from commit ef9131fbcddc01a9d8cb3dfd0a729ed9d17d788e)
2016-02-24 13:56:12 -08:00
Akira Ajisaka d228bf1de3 HADOOP-12731. Remove useless boxing/unboxing code. Contributed by Kousuke Saruta.
(cherry picked from commit 736eb17a79)
(cherry picked from commit 4edd7bd820)
2016-01-25 13:48:46 +09:00
Benoy Antony 6cfeb84a36 HADOOP-12587. Hadoop AuthToken refuses to work without a maxinactive attribute in issued token. (Benoy Antony) 2016-01-14 14:42:04 -08:00
mattf 05a7fb3a9a HADOOP-12617. SPNEGO authentication request to non-default realm gets default realm name inserted in target server principal. (mattf) 2015-12-08 17:46:36 -08:00
Haohui Mai def7490b29 HADOOP-12181. Fix intermittent test failure of TestZKSignerSecretProvider. Contributed by Masatake Iwasaki. 2015-11-22 16:56:22 -08:00
Sangjin Lee 7802248c23 HADOOP-12526. there are duplicate dependency definitions in pom's (sjlee) 2015-11-08 17:46:37 -08:00
Steve Loughran 10932aad29 HADOOP-11628. SPNEGO auth does not work with CNAMEs in JDK8. (Daryn Sharp via stevel). 2015-10-18 11:45:11 +01:00
cnauroth 6774a1732a HADOOP-12481. JWTRedirectAuthenticationHandler doesn't Retain Original Query String. Contributed by Larry McCay.
(cherry picked from commit a121fa1d39)
2015-10-15 16:45:08 -07:00
Steve Loughran 988749e6ea HADOOP-12087. [JDK8] Fix javadoc errors caused by incorrect or illegal tags. (Akira AJISAKA via stevel). 2015-09-13 14:25:06 +01:00
Xiaoyu Yao a7e5a88b59 HADOOP-12347. Fix mismatch parameter name in javadocs of AuthToken#setMaxInactives. Contributed by Xiaoyu Yao
(cherry picked from commit caa636bf10)

Conflicts:
	hadoop-common-project/hadoop-common/CHANGES.txt
2015-08-21 16:41:34 -07:00
Benoy Antony d84e4a90d0 hadoop-12050. Enable MaxInactiveInterval for hadoop http auth token. Contributed by Huizhi Lu.
(cherry picked from commit 71aedfabf3)
2015-08-18 13:53:47 -07:00
Benoy Antony aef9ab2128 HADOOP-12049. Control http authentication cookie persistence via configuration. Contributed by Huizhi Lu.
(cherry picked from commit a815cc157c)
2015-06-24 16:41:23 -07:00
Andrew Wang 52ff1610cd HADOOP-12037. Fix wrong classname in example configuration of hadoop-auth documentation. Contributed by Masatake Iwasaki.
(cherry picked from commit 990078b927)
2015-06-01 18:05:06 -07:00
Akira Ajisaka 77587fe198 HADOOP-11663. Remove description about Java 6 from docs. Contributed by Masatake Iwasaki.
(cherry picked from commit b9cebfc0ba)
2015-05-12 00:31:28 +09:00
Robert Kanter f00815ac8a HADOOP-11870. [JDK8] AuthenticationFilter, CertificateUtil, SignerSecretProviders, KeyAuthorizationKeyProvider Javadoc issues (rkanter)
(cherry picked from commit 9fec02c069)
2015-04-27 13:26:00 -07:00
Steve Loughran 4f9b24b90a HADOOP-11864. JWTRedirectAuthenticationHandler breaks java8 javadocs. (Larry McCay via stevel) 2015-04-23 09:06:02 +01:00
Jason Lowe feb995fc50 HADOOP-11868. Invalid user logins trigger large backtraces in server log. Contributed by Chang Li
(cherry picked from commit 0ebe84d30a)
2015-04-22 20:57:46 +00:00
Jitendra Pandey db4419df6b HADOOP-11859. PseudoAuthenticationHandler fails with httpcomponents v4.4. Contributed by Eugene Koifman. 2015-04-22 10:02:02 -07:00
Steve Loughran 6d8a49dd68 HADOOP-11846 TestCertificateUtil.testCorruptPEM failing on Jenkins JDK8. (Larry McCay via stevel) 2015-04-21 22:38:27 +01:00
Haohui Mai dbe1cec0da HADOOP-11837. AuthenticationFilter should destroy SignerSecretProvider in Tomcat deployments. Contributed by Bowen Zhang. 2015-04-17 10:59:54 -07:00
Owen O'Malley c16af2f6f8 HADOOP-11717. Support JWT tokens for web single sign on to the Hadoop
servers. (Larry McCay via omalley)
2015-04-07 08:17:10 -07:00
Haohui Mai 24d879026d HADOOP-11754. RM fails to start in non-secure mode due to authentication filter failure. Contributed by Haohui Mai. 2015-03-30 11:44:30 -07:00
Haohui Mai a84fdd5650 HADOOP-11761. Fix findbugs warnings in org.apache.hadoop.security.authentication. Contributed by Li Lu. 2015-03-30 11:09:08 -07:00
Haohui Mai c261d35b75 HADOOP-11748. The secrets of auth cookies should not be specified in configuration in clear text. Contributed by Li Lu and Haohui Mai. 2015-03-26 17:35:28 -07:00
Haohui Mai c62840d531 Addendum for HADOOP-10670. 2015-03-25 12:30:12 -07:00
Haohui Mai 17f17dac4e HADOOP-10670. Allow AuthenticationFilters to load secret from signature secret files. Contributed by Kai Zheng. 2015-03-25 11:13:04 -07:00
Haohui Mai e75e6c66ea HADOOP-11633. Convert remaining branch-2 .apt.vm files to markdown. Contributed by Masatake Iwasaki. 2015-03-11 14:23:44 -07:00
Tsuyoshi Ozawa b46f9e72db HADOOP-11602. Backport 'Fix toUpperCase/toLowerCase to use Locale.ENGLISH.' (ozawa) 2015-03-09 19:53:55 +09:00
Vinod Kumar Vavilapalli d9416317a9 Preparing for 2.8.0 development. Changing SNAPSHOT version to be 2.8 on branch-2. 2015-03-08 20:32:51 -07:00
Robert Kanter ebf6499498 HADOOP-11467. KerberosAuthenticator can connect to a non-secure cluster. (yzhangal via rkanter)
(cherry picked from commit 875256834b)

Conflicts:
	hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/server/TestAuthenticationToken.java
	hadoop-common-project/hadoop-common/CHANGES.txt
2015-02-13 14:12:38 -08:00
Haohui Mai b68d51e898 HADOOP-11379. Fix new findbugs warnings in hadoop-auth*. Contributed by Li Lu. 2014-12-09 13:09:01 -08:00
Steve Loughran 2bc3f1064f HADOOP-10134 [JDK8] Fix Javadoc errors caused by incorrect or illegal tags in doc comments. 2014-12-09 11:15:19 +00:00