hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zhijie Shen (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-10596) HttpServer2 should apply the authentication filter to some urls instead of null
Date Tue, 13 May 2014 06:08:15 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-10596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13996109#comment-13996109
] 

Zhijie Shen commented on HADOOP-10596:
--------------------------------------

bq. For example, secret file is an implementation of the filter, it should not be exposed
in HttpServer2

Right, it's the config of the filter. However, we already live with the similar thing in the
current HttpServer2. See:

{code}
 params.put(AuthenticationFilter.AUTH_TYPE, "kerberos");
{code}

bq. Under what circumstances you only want to parts of the HttpServer to be authenticated?

I'm not sure I understand your question here. I think the existing code can not protect the
web since it doesn't apply the filter to any urls. I changed it to protect all urls, as I
think once the authentication is enabled, all the web resources should be secured. Please
let me know if it is not the case.

> HttpServer2 should apply the authentication filter to some urls instead of null
> -------------------------------------------------------------------------------
>
>                 Key: HADOOP-10596
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10596
>             Project: Hadoop Common
>          Issue Type: Bug
>            Reporter: Zhijie Shen
>            Assignee: Zhijie Shen
>         Attachments: HADOOP-10596.1.patch
>
>
> HttpServer2 should apply the authentication filter to some urls instead of null. In addition,
it should be more flexible for users to configure SPNEGO.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message