Return-Path: Delivered-To: apmail-hadoop-core-dev-archive@www.apache.org Received: (qmail 36904 invoked from network); 29 Sep 2008 17:29:37 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 29 Sep 2008 17:29:37 -0000 Received: (qmail 68760 invoked by uid 500); 29 Sep 2008 17:29:33 -0000 Delivered-To: apmail-hadoop-core-dev-archive@hadoop.apache.org Received: (qmail 68734 invoked by uid 500); 29 Sep 2008 17:29:33 -0000 Mailing-List: contact core-dev-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: core-dev@hadoop.apache.org Delivered-To: mailing list core-dev@hadoop.apache.org Received: (qmail 68723 invoked by uid 99); 29 Sep 2008 17:29:33 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 29 Sep 2008 10:29:33 -0700 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 29 Sep 2008 17:28:40 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 5E42A234C1F7 for ; Mon, 29 Sep 2008 10:28:44 -0700 (PDT) Message-ID: <1167794064.1222709324385.JavaMail.jira@brutus> Date: Mon, 29 Sep 2008 10:28:44 -0700 (PDT) From: "Doug Cutting (JIRA)" To: core-dev@hadoop.apache.org Subject: [jira] Commented: (HADOOP-4284) Support for user configurable global filters on HttpServer In-Reply-To: <1802099537.1222409866224.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/HADOOP-4284?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12635458#action_12635458 ] Doug Cutting commented on HADOOP-4284: -------------------------------------- Kan, this sounds good. Thanks for bearing with me here. > Support for user configurable global filters on HttpServer > ---------------------------------------------------------- > > Key: HADOOP-4284 > URL: https://issues.apache.org/jira/browse/HADOOP-4284 > Project: Hadoop Core > Issue Type: New Feature > Reporter: Kan Zhang > Attachments: 4284_20080925_78.patch, 4284_20080926_79.patch > > > HADOOP-3854 introduced a framework for adding filters to filter browser facing urls. Sometimes, there is a need to filter all urls. For example, at Yahoo, we need to open an SSL port on the HttpServer and only accept hsftp requests from clients who can authenticate themselves using client certificate and is authorized according to certain policy file. For this to happen, we need a method to add a user configurable "global" filter, which filters on all client requests. For our purposes, such a global filter will block all https requests except those accessing the hsftp interface (it will let all http requests go through, so accesses through the normal http ports are unaffected). Moreover, those hsftp requests will be subject to further authorization checking according to the policy file. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.