hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Abdelnur (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-8581) add support for HTTPS to the web UIs
Date Wed, 02 Oct 2013 22:33:43 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-8581?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13784554#comment-13784554
] 

Alejandro Abdelnur commented on HADOOP-8581:
--------------------------------------------

Apologies for the delay getting back on this. Overall approach seems reasonable, a few things
though:

*allow access to both HTTPS and HTTP*

Serving the same content over HTTP and HTTPS seems unnecessary. And if set by mistake, could
give the false sense of security to someone that intended setting https only.

If we are talking about serving webpages over HTTP and webhdfs/fsimage over HTTPS then it
makes sense. 

But this means we'll have to explicitly configure each servlet to be served over the correct
transport only (HTTP or HTTPS). And give how servlets are added to HttpServer today this will
be a careful task to ensure nothing ends up wrongfully served on both transport endpoints.

*redirecting from http to https*

while  browsers do this automatically, if i recall correctly Java does not follow redirections
from HTTP to HTTPS. This may be an issue for fsimage and webhdfs.

* <project>.http.policy

Sounds good, but I would rather user http or https as value than numbers

Also, we'll have to refactor HttpServer to take as parameter the <service> prefix (I
would use service rather than project)

If we remove it from 2.2, what that exactly means? what functionality we lose?

> add support for HTTPS to the web UIs
> ------------------------------------
>
>                 Key: HADOOP-8581
>                 URL: https://issues.apache.org/jira/browse/HADOOP-8581
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: security
>    Affects Versions: 2.0.0-alpha
>            Reporter: Alejandro Abdelnur
>            Assignee: Alejandro Abdelnur
>             Fix For: 2.0.2-alpha
>
>         Attachments: HADOOP-8581.patch, HADOOP-8581.patch, HADOOP-8581.patch, HADOOP-8581.patch,
HADOOP-8581.patch, HADOOP-8581.patch, HADOOP-8581.patch
>
>
> HDFS/MR web UIs don't work over HTTPS, there are places where 'http://' is hardcoded.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message