Critical Description
The log fragment below illustrates the case in the second group where 'sam' is logged as the user prior to authentication having occurred.
14/11/01 17:02:15 ||055eedda-3a2e-4207-9a58-f5317c224397|audit|WEBHDFS|sam|||access|uri|/gateway/sandbox/webhdfs/v1/?op=GETHOMEDIRECTORY|unavailable|
14/11/01 17:02:15 ||055eedda-3a2e-4207-9a58-f5317c224397|audit|WEBHDFS|sam|||access|uri|/gateway/sandbox/webhdfs/v1/?op=GETHOMEDIRECTORY|success|Response status: 401
...
14/11/01 17:03:38 ||ebc09492-dd96-4795-a55f-aad1d3526973|audit|WEBHDFS|sam|||access|uri|/gateway/sandbox/webhdfs/v1/?op=GETHOMEDIRECTORY|unavailable|
14/11/01 17:03:38 ||ebc09492-dd96-4795-a55f-aad1d3526973|audit|WEBHDFS|tom|||authentication|uri|/gateway/sandbox/webhdfs/v1/?op=GETHOMEDIRECTORY|success|
14/11/01 17:03:38 ||ebc09492-dd96-4795-a55f-aad1d3526973|audit|WEBHDFS|tom|||dispatch|uri|http://localhost:50070/webhdfs/v1/?user.name=tom&op=GETHOMEDIRECTORY|success|Response status: 200
14/11/01 17:03:38 ||ebc09492-dd96-4795-a55f-aad1d3526973|audit|WEBHDFS|tom|||access|uri|/gateway/sandbox/webhdfs/v1/?op=GETHOMEDIRECTORY|success|Response status: 200
Due to thread pooling in the container this is difficult to reproduce but using these three curl command in various combinations will eventually do so.
curl -i -k -u tom:tom-password -X GET 'https://localhost:8443/gateway/sandbox/webhdfs/v1/?op=GETHOMEDIRECTORY' curl -i -k -u sam:sam-password -X GET 'https://localhost:8443/gateway/sandbox/webhdfs/v1/?op=GETHOMEDIRECTORY' curl -i -k -u sam:wrong-password -X GET 'https://localhost:8443/gateway/sandbox/webhdfs/v1/?op=GETHOMEDIRECTORY'