apex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (APEXCORE-397) Allow configurability of stram web services authentication
Date Tue, 22 Mar 2016 17:55:25 GMT

    [ https://issues.apache.org/jira/browse/APEXCORE-397?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15206902#comment-15206902

ASF GitHub Bot commented on APEXCORE-397:

Github user davidyan74 commented on a diff in the pull request:

    --- Diff: api/src/main/java/com/datatorrent/api/Context.java ---
    @@ -471,6 +485,12 @@
         Attribute<ContainerOptConfigurator> CONTAINER_OPTS_CONFIGURATOR = new Attribute<ContainerOptConfigurator>(new
    +     * The strategy to use for stram web services authentication.
    +     * See {@link StramHTTPAuthentication}
    +     * Default value is StramHTTPAuthentication.FOLLOW_HADOOP_AUTH
    +     */
    +    Attribute<StramHTTPAuthentication> STRAM_HTTP_AUTHENTICATION = new Attribute<StramHTTPAuthentication>(StramHTTPAuthentication.FOLLOW_HADOOP_AUTH,
new StringCodec.Enum2String<>(StramHTTPAuthentication.class));
    --- End diff --
    Should we take advantage of the diamond operator here: Attribute<> instead of Attribute<StramHTTPAuthentication>

> Allow configurability of stram web services authentication
> ----------------------------------------------------------
>                 Key: APEXCORE-397
>                 URL: https://issues.apache.org/jira/browse/APEXCORE-397
>             Project: Apache Apex Core
>          Issue Type: Bug
>            Reporter: Pramod Immaneni
>            Assignee: Pramod Immaneni
> Today whether stram web service authentication is enabled or disabled is totally dependent
on hadoop authentication setting for rpc (not even hadoop http authentication setting). So
if hadoop authentication is enabled stram web service authentication was enabled. Furthermore
when stram web service authentication is enabled, at authentication time checks are done against
RM proxy ip address which fail if the addresses aren't configured correctly for example in
HA scenarios. This requires debugging and specifying the correct properties if they are missing.
Users may not want this authentication in the first place and not want to go through hassle.
> A better mechanism is needed where users can configure this authentication. 

This message was sent by Atlassian JIRA

View raw message