[IMPALA-9423] Fix cookie auth with Knox - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: Impala 3.4.0
Component/s: Clients
Labels:
None

Epic Color:
ghx-label-2

Description

When Apache Knox is being used to proxy connections to Impala, it used to be the case that Knox would return the authentication cookies generated by Impala, saving extra round trips and authentications to Kerberos/LDAP.

This was broken by ~~KNOX-2223~~ - Knox only returns auth cookies that it thinks are for it, which it determines by checking for its Kerberos principal in the cookie string. With ~~KNOX-2223~~, the principal is expected to be preceded by a '=', which Impala doesn't do.

Attachments

Activity

People

Assignee:: Thomas Tauber-Marshall

Reporter:: Thomas Tauber-Marshall

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 25/Feb/20 20:24

Updated:: 26/Feb/20 23:56

Resolved:: 26/Feb/20 23:56