Alejandro Abdelnur created HADOOP-10880:
-------------------------------------------
Summary: Move HTTP delegation tokens out of URL querystring to a
header
Key: HADOOP-10880
URL: https://issues.apache.org/jira/browse/HADOOP-10880
Project: Hadoop Common
Issue Type: Bug
Components: security
Affects Versions: 2.4.1
Reporter: Alejandro Abdelnur
Assignee: Alejandro Abdelnur
Because URLs are often logged, delegation tokens may end up in LOG files while
they are still valid.
We should move the tokens to a header.
We should still support tokens in the querystring for backwards compatibility.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
