aurora-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stephan Erb (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AURORA-343) HTTP thrift service is not over SSL
Date Mon, 16 Jan 2017 17:10:26 GMT

    [ https://issues.apache.org/jira/browse/AURORA-343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15824305#comment-15824305
] 

Stephan Erb commented on AURORA-343:
------------------------------------

Would anyone mind if we go down the route of requiring an reverse proxy such as nginx or apache
to perform the SSL offloading for Aurora?

We have that requirement internally (including authentication). Unfortunately adding this
upstream in Aurora is out of scope at the moment. However, I could at least document that
a reverse proxy is the way to go, and add a few pointers how this can be done.

> HTTP thrift service is not over SSL
> -----------------------------------
>
>                 Key: AURORA-343
>                 URL: https://issues.apache.org/jira/browse/AURORA-343
>             Project: Aurora
>          Issue Type: Bug
>          Components: Scheduler
>            Reporter: Bill Farner
>            Priority: Minor
>              Labels: newbie
>
> {{SchedulerAPIServlet}} is bound against the default debug HTTP server, which is non-encrypted.
 This leaves the door open to snooping.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message